2024-12-18 00:00:00
mitre
PUBLISHED
A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the titulo_documento parameter.