CVE-2025-10373

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-10373

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-10373.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-10373

Published

2025-09-13T19:15:31.450Z

Modified

2026-04-10T05:20:27.169508Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /intranet/educarturmatipocad.php. Such manipulation of the argument nmtipo leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

References

Affected packages

Git / github.com/portabilis/i-educar

Affected ranges

Type

GIT

Repo

https://github.com/portabilis/i-educar

Events

Introduced

Last affected

cfb0a5db27ab623cf3f17cd5e0c704bde02cbf07

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.10.0"
        }
    ]
}

Affected versions

2.*

2.0.0

2.0.1

2.0.10

2.0.11

2.0.2

2.0.3

2.0.4

2.0.5

2.0.6

2.0.7

2.0.8

2.0.8.1

2.0.9

2.1.0

2.1.1

2.1.10

2.1.11

2.1.12

2.1.13

2.1.14

2.1.15

2.1.16

2.1.17

2.1.18

2.1.19

2.1.2

2.1.20

2.1.21

2.1.23-upgrade

2.1.3

2.1.4

2.1.5

2.1.6

2.1.7

2.1.8

2.1.9

2.10.0

2.2.0

2.2.1

2.2.10

2.2.11

2.2.12

2.2.13

2.2.14

2.2.15

2.2.16

2.2.17

2.2.18

2.2.19

2.2.2

2.2.20

2.2.21-upgrade

2.2.3

2.2.4

2.2.5

2.2.6

2.2.7

2.2.8

2.2.9

2.3.0

2.3.1

2.3.10

2.3.2

2.3.3

2.3.4

2.3.5

2.3.6

2.3.7

2.3.8

2.3.9

2.5.0

2.5.1

2.5.2

2.5.3

2.5.4-upgrade

2.6.0

2.6.1

2.6.2

2.6.3

2.6.4

2.6.5

2.6.6

2.6.7

2.6.8

2.7.0

2.7.1

2.7.2

2.7.3

2.8.0

2.8.0-beta

2.9.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-10373.json"