I-educar@2.9 Security Vulnerabilities and Issues — I-educar@2.9 CVE List

Lucene search

PortabilisI-educar2.9

3 matches found

CVE•added 2025/05/08 12:15 a.m.•80 views

CVE-2024-55651

i-Educar is free, fully online school management software. Version 2.9 of the application fails to properly validate and sanitize user supplied input, leading to a stored cross-site scripting vulnerability that resides within the user type (Tipo de Usuário) input field. Through this attacker vector...

5.4CVSS5.5AI score0.00039EPSS

CVE•added 2024/12/22 8:15 a.m.•43 views

CVE-2024-12893

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. Affected by this issue is some unknown functionality of the file /usuarios/tipos/2 of the component Tipo de Usuário Page. The manipulation of the argument name leads to cross site scripting. The a...

5.4CVSS3.4AI score0.00016EPSS

CVE•added 2024/12/18 11:15 p.m.•35 views

CVE-2024-55239

A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the 'titulo_documento' parameter.

5.4CVSS6.4AI score0.00013EPSS