CVE-2025-10606 – Portabilis i-Educar ConfiguracaoMovimentoGeral cross site scripting

CVE ID : CVE-2025-10606

Published : Sept. 17, 2025, 6:15 p.m. | 44 minutes ago

Description : A weakness has been identified in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /module/Configuracao/ConfiguracaoMovimentoGeral. This manipulation of the argument tipoacao causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

نوشته های مشابه

CVE-2026-48840 – Exim Uninitialized Stack Memory Disclosure Vulnerability

CVE-2026-9831 – ExtremeCloud IQ Cross Tenant Data Exposure via Extreme Platform One Authentication Race Condition

CVE-2026-4387 – Unencrypted storage of authentication state in StrongDM Desktop Application state.kv file

CVE-2026-48811 – FreeScout: Thread Deletion Bypasses Mailbox Access Revocation