Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
i-Educar 2.10.0 - Stored Cross-Site Scripting (XSS) in admin panel
Vulnerability Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting (XSS) via the matricula_interna parameter in the educar_usuario_cad.php endpoint. This issue affects i-Educar: 2.10.0.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
i-Educar 安全漏洞
Vulnerability Description
i-Educar是Portábilis开源的一个免费教育软件。 i-Educar 2.10.0版本存在安全漏洞,该漏洞源于educar_usuario_cad.php端点中matricula_interna参数输入中和不当,可能导致存储型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A