Reflected Cross-Site Scripting in Portabilis i-Educar Software

CVE-2024-55239

What is CVE-2024-55239?

CVE-2024-55239 is a reflected Cross-Site Scripting (XSS) vulnerability found in Portabilis i-Educar version 2.9. The flaw occurs in the software's standard documentation upload functionality, allowing attackers to craft malicious URLs that include arbitrary JavaScript within the 'titulo_documento' parameter. This exploitation could lead to unauthorized access to sensitive information, session hijacking, or the delivery of malware to users interacting with the compromised link, posing significant risks for both the application and its users.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References