Name of the Vulnerable Software and Affected Versions:

Portabilis i-Educar version 2.10

Description:

A vulnerability exists in Portabilis i-Educar 2.10 related to cross site scripting. The issue is located in the `/intranet/public uf cad.php` file, where manipulation of the `nome` argument can trigger the vulnerability. The attack can be initiated remotely. The exploit has been publicly disclosed.

Recommendations:

As a temporary workaround, consider restricting access to the `/intranet/public uf cad.php` file until a patch is available.

Sanitize the `nome` argument to prevent the injection of malicious scripts.