CVE-2025-9105

Source
https://cve.org/CVERecord?id=CVE-2025-9105
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9105.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-9105
Published
2025-08-18T04:02:05.133Z
Modified
2026-07-08T07:22:32.840549255Z
Severity
  • 2.0 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
Portabilis i-Diario Informações Adicionais /planos-de-ensino-por-areas-de-conhecimento cross site scripting
Details

A vulnerability has been found in Portabilis i-Diario up to 1.5.0. The impacted element is an unknown function of the file /planos-de-ensino-por-areas-de-conhecimento/ of the component Informações Adicionais Page. Such manipulation of the argument Parecer/Conteúdos/Objetivos leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/9xxx/CVE-2025-9105.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-79",
        "CWE-94"
    ],
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "1.0"
                },
                {
                    "last_affected": "1.0"
                },
                {
                    "introduced": "1.1"
                },
                {
                    "last_affected": "1.1"
                },
                {
                    "introduced": "1.2"
                },
                {
                    "last_affected": "1.2"
                },
                {
                    "introduced": "1.3"
                },
                {
                    "last_affected": "1.3"
                },
                {
                    "introduced": "1.4"
                },
                {
                    "last_affected": "1.4"
                },
                {
                    "introduced": "1.5.0"
                },
                {
                    "last_affected": "1.5.0"
                }
            ]
        }
    ]
}
References

Affected packages

Git / github.com/portabilis/i-diario

Affected ranges

Type
GIT
Repo
https://github.com/portabilis/i-diario
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "cpe": "cpe:2.3:a:portabilis:i-diario:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.5.0"
        }
    ]
}

Affected versions

1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.6
1.0.7
1.0.8
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.2.0
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.4.0
1.4.1
1.5.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9105.json"