Platform
php
Component
cve-research
Fixed in
2.0.1
2.1.1
2.2.1
2.3.1
2.4.1
2.5.1
2.6.1
2.7.1
2.8.1
2.9.1
CVE-2024-12893 describes a problematic cross-site scripting (XSS) vulnerability discovered in Portabilis i-Educar versions 2.0 through 2.9. This vulnerability allows attackers to inject malicious scripts via manipulation of the 'name' argument within the /usuarios/tipos/2 component. The vulnerability is remotely exploitable and has been publicly disclosed, raising concerns about potential exploitation. A fix is available in version 2.9.1.
Successful exploitation of CVE-2024-12893 allows an attacker to execute arbitrary JavaScript code within the context of a user's browser session on the i-Educar platform. This can lead to various malicious outcomes, including session hijacking, credential theft, and defacement of the i-Educar interface. The attacker could potentially gain access to sensitive user data or compromise the integrity of the application. Given the public disclosure, the risk of exploitation is elevated, particularly if users have not yet applied the available patch.
This vulnerability was publicly disclosed on December 22, 2024. The lack of response from the vendor is concerning and increases the likelihood of exploitation. While the CVSS score is LOW (2.4), the public disclosure and ease of exploitation make it a potential risk. No known active campaigns or proof-of-concept exploits beyond the disclosure have been reported as of this writing.
Educational institutions and organizations utilizing i-Educar for student management are particularly at risk. Those running older, unpatched versions (2.0-2.9) are directly vulnerable. Shared hosting environments where multiple i-Educar instances reside on the same server could experience cascading impacts if one instance is compromised.
• php: Examine i-Educar application logs for suspicious requests targeting the /usuarios/tipos/2 endpoint with unusual values in the name parameter. Use grep to search for patterns like <script> or javascript: in these requests.
grep -i '<script' /var/log/apache2/access.log | grep '/usuarios/tipos/2'
• generic web: Use curl to test the /usuarios/tipos/2 endpoint with a simple XSS payload (e.g., <script>alert('XSS')</script>). Check whether the payload is reflected unescaped in the response body (curl shows the raw HTML, not a rendered alert box).
curl -X GET 'http://your-i-educar-server/usuarios/tipos/2?name=<script>alert("XSS")</script>' -s
• generic web: Review access logs for unusual user agent strings or IP addresses accessing the /usuarios/tipos/2 endpoint.
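As an added example (not part of this advisory or the i-Educar project): the grep above only matches a literal '<script', but browsers and most clients percent-encode '<' as %3C in the request line, so such payloads never appear verbatim in the access log. The script below parses constructed Apache combined-format lines (the log format and sample entries are assumptions), decodes the name parameter of requests to /usuarios/tipos/2, including double-encoded values, and flags script-like content.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample log lines in Apache combined format; not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [22/Dec/2024:10:01:02 +0000] "GET /usuarios/tipos/2?name=Coordenador HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.11 - - [22/Dec/2024:10:01:05 +0000] "GET /usuarios/tipos/2?name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E HTTP/1.1" 200 530 "-" "curl/8.4.0"
203.0.113.12 - - [22/Dec/2024:10:01:09 +0000] "GET /usuarios/tipos/2?name=%3Cimg%20src%3Dx%20onerror%3Dalert%281%29%3E HTTP/1.1" 200 530 "-" "Mozilla/5.0"
203.0.113.13 - - [22/Dec/2024:10:02:00 +0000] "GET /usuarios/tipos/3?name=%3Cscript%3E HTTP/1.1" 200 400 "-" "Mozilla/5.0"
"""

# Apache combined log: client IP, identd, user, timestamp, request line, status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Markers of script injection, applied to the decoded parameter value.
XSS_RE = re.compile(
    r'<\s*script|javascript\s*:|on[a-z]+\s*=|<\s*(img|svg|iframe)\b',
    re.IGNORECASE,
)

TARGET_PATH = '/usuarios/tipos/2'


def decode_param(value: str) -> str:
    """Percent-decode until stable so double-encoded payloads (%253C) are caught."""
    prev = None
    while prev != value:
        prev, value = value, unquote(value)
    return value


def find_suspicious(log_text: str, path: str = TARGET_PATH):
    """Return (client_ip, decoded_name) for requests to `path` whose name parameter looks like XSS."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        url = urlsplit(m.group('target'))
        if url.path != path:
            continue
        # parse_qs decodes once; decode_param handles any further encoding layers.
        for raw in parse_qs(url.query, keep_blank_values=True).get('name', []):
            decoded = decode_param(raw)
            if XSS_RE.search(decoded):
                hits.append((m.group('ip'), decoded))
    return hits


if __name__ == '__main__':
    for ip, value in find_suspicious(SAMPLE_LOG):
        print(f'{ip}\t{value}')
```

Point the function at the real access log and widen `path` if the endpoint is served under a URL prefix.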
Disclosure
Exploit status
EPSS
0.11% (30th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-12893 is to upgrade i-Educar to version 2.9.1 or later, which includes the necessary fix. If upgrading immediately is not feasible, consider implementing input validation and sanitization on the /usuarios/tipos/2 endpoint to prevent malicious script injection. Web application firewalls (WAFs) configured to detect and block XSS payloads can also provide a temporary layer of protection. After upgrading, verify the fix by attempting to inject a simple script through the /usuarios/tipos/2 endpoint and confirming that it is properly sanitized.
Update i-Educar to a version later than 2.9 that fixes the XSS vulnerability. If no such version is available, check and filter the input of the 'name' argument on the Tipo de Usuário page to prevent the injection of malicious code. Consider implementing input validation and sanitization in the code.
CVE-2024-12893 is a cross-site scripting (XSS) vulnerability affecting Portabilis i-Educar versions 2.0 through 2.9, allowing attackers to inject malicious scripts.
If you are using any i-Educar version from 2.0 through 2.9 (2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8 or 2.9), you are potentially affected by this vulnerability.
Upgrade i-Educar to version 2.9.1 or later to remediate the vulnerability. Consider input validation as a temporary workaround.
While no active campaigns have been confirmed, the vulnerability has been publicly disclosed, increasing the risk of exploitation.
Refer to the Portabilis security advisories page for updates and official information regarding CVE-2024-12893: [https://portabilis.org/security/](https://portabilis.org/security/)