CVE-2025-8787 | Portabilis i-Diario up to 1.5.0 Registro das atividades registros-de-conteudos-por-disciplina Registro de atividades/Conteúdos cross site scripting

A vulnerability has been found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /registros-de-conteudos-por-disciplina/ of the component Registro das atividades. The manipulation of the argument Registro de atividades/Conteúdos leads to cross site scripting.

This vulnerability is known as CVE-2025-8787. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-8787 | Portabilis i-Diario up to 1.5.0 Registro das atividades registros-de-conteudos-por-disciplina Registro de atividades/Conteúdos cross site scripting

Post correlati

CVE-2024-2878 | GitLab Community Edition/Enterprise Edition up to 16.9.6/16.10.4/16.11.1 allocation of resources

CVE-2025-1057 | Keylime 7.12.0 Database Entry denial of service

CVE-2021-47146 | Linux Kernel up to 5.12.8 mld_newpack denial of service

CVE-2025-22389 | Optimizely EPiServer.CMS.Core up to 12.31.x unrestricted upload