Name of the Vulnerable Software and Affected Versions:

Portabilis i-Educar version 2.10

Description:

A cross-site scripting issue exists due to the manipulation of the `nm motivo` argument in the file `/intranet/educar motivo afastamento cad.php`. The attack can be launched remotely. The exploit has been publicly disclosed.

Recommendations:

As a temporary workaround, consider restricting access to the `/intranet/educar motivo afastamento cad.php` file until a fix is available.

Sanitize the `nm motivo` input to prevent the injection of malicious scripts.