Plateforme
php
Composant
cves
Corrigé dans
2.0.1
2.1.1
2.2.1
2.3.1
2.4.1
2.5.1
2.6.1
2.7.1
2.8.1
2.9.1
2.10.1
CVE-2025-8918 is a cross-site scripting (XSS) vulnerability affecting Portabilis i-Educar versions 2.0 through 2.10. This vulnerability allows attackers to inject malicious scripts into the application via manipulation of the 'neighborhood name' argument within the /intranet/educarinstituicaocad.php file. A patch is available in version 2.10.1, addressing this security concern.
Successful exploitation of CVE-2025-8918 allows an attacker to execute arbitrary JavaScript code in the context of a user's browser session. This can lead to various malicious outcomes, including session hijacking, defacement of the i-Educar interface, and theft of sensitive information like user credentials or personal data. The vulnerability's remote accessibility significantly broadens the potential attack surface, as attackers can initiate the exploit from anywhere with network access to the i-Educar instance. The impact is amplified if the i-Educar system is used to manage sensitive student or institutional data.
This vulnerability has been publicly disclosed, increasing the likelihood of exploitation. While no active campaigns have been definitively linked to CVE-2025-8918 at the time of writing, the availability of public information makes it a potential target for opportunistic attackers. The vulnerability was reported to the vendor, but they did not respond. It is not listed on KEV or EPSS.
Educational institutions and organizations utilizing Portabilis i-Educar for student management or administrative purposes are at risk. Specifically, those running versions 2.0 through 2.10 are vulnerable. Shared hosting environments where multiple i-Educar instances reside on the same server are particularly susceptible, as a compromise of one instance could potentially impact others.
• php: Examine access logs for requests to /intranet/educarinstituicaocad.php containing unusual or suspicious characters in the neighborhood parameter.
grep 'neighborhood=[^a-zA-Z0-9 ]+' /var/log/apache2/access.log• generic web: Use curl to test the /intranet/educarinstituicaocad.php endpoint with a simple XSS payload (e.g., <script>alert(1)</script>) in the neighborhood parameter. Monitor browser console for alerts.
curl -X POST -d "neighborhood=<script>alert(1)</script>" http://your-i-educar-instance/intranet/educar_instituicao_cad.phpdisclosure
Statut de l'Exploit
EPSS
0.03% (percentile 10%)
CISA SSVC
Vecteur CVSS
The primary mitigation for CVE-2025-8918 is to upgrade i-Educar to version 2.10.1 or later, which includes the necessary fix. If immediate upgrading is not feasible, consider implementing input validation and sanitization on the 'neighborhood name' parameter within the /intranet/educarinstituicaocad.php file. Web application firewalls (WAFs) configured to detect and block XSS payloads targeting this specific endpoint can provide an additional layer of defense. Regularly review and update i-Educar's security configuration to minimize the risk of similar vulnerabilities.
Mettez à jour i-Educar vers la dernière version disponible. Si aucune version n'est disponible, examinez le code de /intranet/educar_instituicao_cad.php et filtrez ou échappez correctement l'entrée du paramètre 'neighborhood name' pour éviter l'exécution de code JavaScript non désiré.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2025-8918 is a cross-site scripting (XSS) vulnerability in Portabilis i-Educar versions 2.0 through 2.10, allowing attackers to inject malicious scripts.
You are affected if you are running i-Educar versions 2.0 through 2.10. Upgrade to 2.10.1 or later to mitigate the risk.
Upgrade i-Educar to version 2.10.1 or later. As a temporary workaround, implement input validation on the 'neighborhood' parameter.
While no confirmed active campaigns are known, the public disclosure increases the risk of exploitation.
Refer to the Portabilis security advisories page for updates and official information regarding CVE-2025-8918.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.