Name of the Vulnerable Software and Affected Versions:

Portabilis i-Educar version 2.10

Description:

A cross-site scripting issue exists due to the manipulation of the `nome` argument. The issue affects an unknown functionality of the file `/intranet/public distrito cad.php`. The attack can be launched remotely. The exploit has been publicly disclosed, and the vendor did not respond to the disclosure.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.