CNNVD-202507-2551 Information

Jul 20, 2025 cve

CNNVD ID

CNNVD-202507-2551

CVE-2025-7872

CNNVD Published: 2025-07-20

Description (Chinese)

Portabilisu202fi‑Diário是巴西Portabilis开源的一个学校教学日历与教师互动管理系统。 Portabilisu202fi‑Diário 1.5.0版本存在代码注入漏洞，该漏洞源于文件/justificativas-de-falta中参数Justificativa处理不当导致跨站脚本。

Description (English)

Portabilisu 202fi — Diário is a system of management of the school calendar and teacher interaction, which is an open source in Portabilis, Brazil. Portabilisu 202fi – Diário 1.5.0 contains a code-injection loophole, which stems from the mishandling of the parameter Justificativa in the document/justificativa-de-falta, resulting in the cross-site script.

Hazard Level

Critical

Vulnerability Type

代码注入

Published

2025-07-20

Last Modified

2026-02-24

References

https://github.com/marcelomulder/CVEs/blob/main/Report%201.md https://vuldb.com/?ctiid.316985 https://vuldb.com/?submit.610138 https://vuldb.com/?id.316985 https://access.redhat.com/security/cve/cve-2025-7872

Share on: