CVE-2025-9723
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-31

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educar_tipo_regime_cad.php. Performing manipulation of the argument nm_tipo results in cross site scripting. The attack can be initiated remotely. The exploit has been made public and could be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-31
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-08-31
EPSS Evaluated
2026-05-05
NVD
CVE-2025-9723
EUVD
EUVD-2025-26290
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
portabilis i-educar to 2.10 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-9723 is a Stored Cross-Site Scripting (XSS) vulnerability in the Portabilis i-Educar application up to version 2.10. It occurs in the /intranet/educar_tipo_regime_cad.php file, specifically in the nm_tipo parameter, where user input is not properly validated or sanitized. This allows attackers to inject malicious scripts that are stored on the server and executed in the browsers of users who visit the affected page, leading to potential security risks. [1, 2]


How can this vulnerability impact me? :

This vulnerability can lead to several security impacts including session cookie theft (which can enable session hijacking), downloading and installation of malware, browser hijacking, credential theft, unauthorized access to sensitive information, website defacement, user misdirection, and damage to the business's reputation. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for the presence of the vulnerable endpoint `/intranet/educar_tipo_regime_cad.php` and testing the `nm_tipo` parameter for improper input sanitization. One method is to use a web request tool (e.g., curl) to send a payload to the parameter and observe if the script executes or is stored. Additionally, Google dorking with the query `inurl:intranet/educar_tipo_regime_cad.php` can help identify vulnerable targets. Example command to test injection: `curl -X POST -d "nm_tipo=\"><img src=x onerror=alert('CVE-Hunters')>" http://target/intranet/educar_tipo_regime_cad.php` and then visit the trigger page `/intranet/educar_tipo_regime_lst.php` to see if the payload executes. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include avoiding use of the vulnerable Portabilis i-Educar versions up to 2.10 or replacing the affected software with an alternative product, as no known mitigations or patches have been published. Additionally, restricting access to the vulnerable endpoint, applying web application firewalls (WAF) to filter malicious input, and educating users about the risk can help reduce exposure until a fix is available. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart