VYPR
Low severity3.5NVD Advisory· Published Sep 17, 2025· Updated Apr 29, 2026

CVE-2025-10591

CVE-2025-10591

Description

A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educar_funcao_cad.php of the component Editar Função Page. This manipulation of the argument abreviatura/tipoacao causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

Affected products

2
  • cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:*range: <=2.10.0
    • (no CPE)range: <=2.10

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.

CVE-2025-10591 · Low · VYPR