CVE-2025-10099 | Portabilis i-Educar up to 2.10 Editar usuário Page educar_usuario_cad.php email/data_inicial/data_expiracao cross site scripting

A vulnerability identified as problematic has been detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_usuario_cad.php of the component Editar usuário Page. This manipulation of the argument email/data_inicial/data_expiracao causes cross site scripting.

The identification of this vulnerability is CVE-2025-10099. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.