CVE-2024-55239

Portabilis i-Educar 2.9 is affected by a reflected XSS in the standard documentation upload functionality, exploitable via the titulo_documento parameter to craft malicious URLs with arbitrary JavaScript. CVE-2024-55239 is rated CVSS v3.1 base 5.4 (Medium). Exploitation details are not described ...