CNNVD-202508-1432 Information
CNNVD ID
CNNVD-202508-1432
Related CVE
- CNNVD Published: 2025-08-13
Description (Chinese)
Portabilis i‑Diário是巴西Portabilis开源的一个学校教学日历与教师互动管理系统。 Portabilis i‑Diário 1.6及之前版本存在代码注入漏洞,该漏洞源于对文件/objetivos-de-aprendizagem-e-habilidades中参数código/objetivo habilidade的错误操作导致跨站脚本攻击。
Description (English)
Portabilis i-Diário is an interactive management system for school calendars and teachers that is an open source in Portabilis, Brazil. Portabilis i-Diário 1.6 and previous versions contain a code-infusion loophole, resulting from an error in the use of the parameters código/objetivo habilidadade in the document/objetivos-de-aprendizagem-e-habilidades, resulting in a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
代码注入
Published
2025-08-13
Last Modified
2026-02-24
References
https://github.com/FeMarb/CVEs/tree/6eeefb2749bb6165557ed4664a0680456131e4de/I-diario https://vuldb.com/?ctiid.319878 https://vuldb.com/?id.319878 https://vuldb.com/?submit.629166
Patch
https://benjaminconstant-am.portabilis.com.br/
Share on: