Cross Site Scripting Vulnerability in Portabilis i-Diario Affected Component
CVE-2025-8511

5.1MEDIUM

Key Information:

Vendor

Portabilis

Status
I-diario
Vendor
CVE Published:
3 August 2025

What is CVE-2025-8511?

A vulnerability has been identified in Portabilis i-Diario version 1.5.0, specifically within the Observações component. The issue lies in the manipulation of the Descrição parameter, which is susceptible to cross site scripting (XSS). This vulnerability permits attackers to execute arbitrary scripts in the context of users' sessions, leading to potential data theft or unauthorized actions. Notification attempts to the vendor regarding this issue have gone unacknowledged, raising concerns about the safety of users relying on this application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

i-Diario 1.5.0

References

https://vuldb.com/?id.318610
vdb-entrytechnical-description
https://vuldb.com/?ctiid.318610
signaturepermissions-required
https://vuldb.com/?submit.618973
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

marceloQz (VulDB User)
marceloQz (VulDB User)
JSON
.