CNNVD-202508-850 Information

CNNVD ID

CNNVD-202508-850

Related CVE

CVE-2025-8790

• CNNVD Published: 2025-08-10

Description (Chinese)

i-Educar是Portábilis开源的一个免费教育软件。 i-Educar 2.9.0及之前版本存在安全漏洞，该漏洞源于文件/module/Api/pessoa中参数ID处理不当，可能导致授权不当。

Description (English)

i-Educar is a free education software from Portábilis. i-Educar 2.9.0 and previous versions had a security loophole, which stemmed from the mishandling of parameter ID in document/module/Api/pessoa, which could lead to inappropriate delegation of authority.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Portábilis

Published

2025-08-10

Last Modified

2026-02-24

References

https://vuldb.com/?id.319318 https://vuldb.com/?submit.625918 https://github.com/CVE-Hunters/CVE/blob/main/i-educar/CVE-2025-8790.md https://vuldb.com/?ctiid.319318 https://access.redhat.com/security/cve/cve-2025-8790

Patch

https://github.com/portabilis/i-educar/releases