CVE-2025-10584
BaseFortify

Publication date: 2025-09-17

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in Portabilis i-Educar up to 2.10. An unknown function of the file /intranet/educar_calendario_anotacao_cad.php is affected. Manipulation of the argument nm_anotacao/descricao leads to cross-site scripting. The attack can be launched remotely. An exploit is publicly available and may be used.
Meta Information
Generated: 2026-05-07
AI Q&A: 2025-09-17
EPSS evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor: portabilis
Product: i-educar
Version / Range: up to 2.10.0 (inclusive)
CWE
CWE-79 (Improper Neutralization of Input During Web Page Generation, 'Cross-site Scripting'): The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 (Improper Control of Generation of Code, 'Code Injection'): The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-10584 is a stored cross-site scripting (XSS) vulnerability in Portabilis i-Educar up to version 2.10, in the file /intranet/educar_calendario_anotacao_cad.php (the calendar annotation form). The parameters nm_anotacao (annotation name) and descricao (description) are not neutralized before they are stored and later rendered into a page, so an attacker who can submit the form can inject HTML or script that executes in the browser of any user who views the affected calendar page. [1, 2]


How can this vulnerability impact me?

Because the injected script runs in the victim's browser with the victim's session, this vulnerability can lead to session cookie theft and session hijacking, credential theft, exposure of sensitive information, malware distribution, browser hijacking, website defacement, user misdirection, and reputational damage to the affected organization. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Start by confirming that the endpoint /intranet/educar_calendario_anotacao_cad.php exists in your i-Educar installation and which version is deployed (anything up to 2.10 is in scope). To detect exploitation attempts, review web server logs for requests to this endpoint whose nm_anotacao or descricao parameters contain HTML or script fragments, for example the payload used in the public proof of concept, "><img src=x onerror=alert('CVE-Hunters')>, or its URL-encoded form. If the form is submitted by POST, access logs record only the request line and not the body, so body-level inspection needs a WAF audit log or application-level request logging. Also inspect the stored annotation records themselves for markup, since a stored payload persists after the original request has aged out of the logs. Externally, the Google dork inurl:intranet/educar_calendario_anotacao_cad.php can reveal exposed instances. No specific command is provided in the sources. [1, 2]
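The following detector is an added example for this page, not code from Portabilis or BaseFortify. It scans access-log lines in the common "combined" format for requests to the affected endpoint, decodes the nm_anotacao and descricao values (including one extra layer of percent-encoding, to catch double-encoded payloads), and flags values that carry HTML or script indicators. The log lines, IP addresses and the log format are constructed assumptions; the second function also accepts a raw form body, so it can be run over bodies taken from a WAF audit log when the form is submitted by POST.

```python
"""Flag exploitation attempts against the i-Educar calendar-annotation
endpoint named in CVE-2025-10584.

Added example, not code from the project or the advisory. Assumes the
Apache/nginx "combined" access-log format; the sample lines below are
constructed for this example.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

ENDPOINT = "/intranet/educar_calendario_anotacao_cad.php"
PARAMS = ("nm_anotacao", "descricao")

# Indicators of markup or script inside a value that should be plain text.
# Tune this list for your environment; it is deliberately broad.
XSS_PATTERNS = [
    re.compile(r"<\s*script", re.I),
    re.compile(r"<\s*(img|svg|iframe|body|object|embed)\b", re.I),
    re.compile(r"\bon[a-z]+\s*=", re.I),        # onerror=, onload=, ...
    re.compile(r"javascript\s*:", re.I),
]

# ip ident user [timestamp] "METHOD target PROTO" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def _decode(value, rounds=2):
    """Undo up to `rounds` extra layers of percent-encoding so that
    double-encoded payloads still match; stop once decoding is a no-op."""
    for _ in range(rounds):
        new = unquote(value)
        if new == value:
            break
        value = new
    return value


def suspicious_params(query):
    """Return {param: decoded_value} for monitored parameters whose value
    contains an XSS indicator. `query` is a raw query string or an
    application/x-www-form-urlencoded body (e.g. from a WAF audit log)."""
    hits = {}
    for name, values in parse_qs(query, keep_blank_values=True).items():
        if name not in PARAMS:
            continue
        for v in values:
            decoded = _decode(v)
            if any(p.search(decoded) for p in XSS_PATTERNS):
                hits[name] = decoded
    return hits


def scan_access_log(lines):
    """Return [(ip, timestamp, method, hits)] for requests to ENDPOINT
    whose query string carries a suspicious monitored parameter."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if parts.path != ENDPOINT:
            continue
        hits = suspicious_params(parts.query)
        if hits:
            findings.append((m.group("ip"), m.group("ts"), m.group("method"), hits))
    return findings


# Constructed sample log lines (RFC 5737 documentation addresses).
SAMPLE_LOG = [
    # benign annotation: "Reunião" / "Pais e mestres"
    '203.0.113.5 - - [17/Sep/2025:10:01:02 +0000] "GET '
    '/intranet/educar_calendario_anotacao_cad.php?nm_anotacao=Reuni%C3%A3o'
    '&descricao=Pais+e+mestres HTTP/1.1" 200 512',
    # the proof-of-concept payload quoted in the advisory, URL-encoded
    '198.51.100.7 - - [17/Sep/2025:10:05:44 +0000] "GET '
    '/intranet/educar_calendario_anotacao_cad.php?nm_anotacao=%22%3E%3Cimg'
    '+src%3Dx+onerror%3Dalert%28%27CVE-Hunters%27%29%3E&descricao=x HTTP/1.1" 200 498',
    # a double-encoded script tag in descricao
    '198.51.100.7 - - [17/Sep/2025:10:06:10 +0000] "GET '
    '/intranet/educar_calendario_anotacao_cad.php?descricao=%253Cscript%253E'
    'alert%25281%2529%253C%252Fscript%253E HTTP/1.1" 200 498',
    # markup aimed at an unrelated endpoint: out of scope, not reported
    '192.0.2.9 - - [17/Sep/2025:10:07:00 +0000] "GET '
    '/intranet/other.php?q=%3Cscript%3E HTTP/1.1" 404 120',
]

if __name__ == "__main__":
    for ip, ts, method, hits in scan_access_log(SAMPLE_LOG):
        print(f"{ts} {ip} {method} {hits}")
```

Point `scan_access_log` at the real log (for example `scan_access_log(open("/var/log/apache2/access.log"))`) for historical review; for POST bodies, feed each captured body to `suspicious_params` instead. A match is an attempt, not proof of success, so follow up by checking the stored annotation records for the same markup.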


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation: restrict access to /intranet/educar_calendario_anotacao_cad.php to authenticated, trusted users (or to the internal network) until a fix is in place; neutralize the nm_anotacao and descricao values with context-appropriate HTML output encoding wherever they are rendered, and reject or strip markup on input as defense in depth; and monitor for exploitation attempts. As further compensating controls, a restrictive Content-Security-Policy and HttpOnly session cookies limit what an injected script can do. No official patch or mitigation was published at the time of the advisory, so check the vendor's release notes and source repository for a fix, upgrade to a version that addresses the vulnerability if one is available, or otherwise replace the affected component. Because this is stored XSS, a victim only has to view the calendar page, so user awareness about suspicious inputs is of limited value on its own. [2, 1]

