How severe is CVE-2024-55239?

CVE-2024-55239 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2024-55239

Name: i-educar
Author: portabilis

5.4MEDIUM

A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the 't

Published: 12/18/2024Updated: 7/3/2025

Description

A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the 'titulo_documento' parameter.

AI AnalysisPowered by AI

Affected Products

portabilisi-educar

2.9

References

https://github.com/RegularUs3r/CVE-Research/blob/main/CVE-2024/Portabilis%20-%20iEducar/CVE-2024-55239%20-%20Reflected%20Cross-Site%20Scripting.md
ExploitThird Party Advisory
https://github.com/RegularUs3r/CVE-Research/blob/main/CVE-2024/Portabilis%20-%20iEducar/CVE-2024-55649%20-%20Reflected%20Cross-Site%20Scripting.md
Not Applicable
https://github.com/RegularUs3r/CVE-Research/blob/main/CVE-2024/Portabilis%20-%20iEducar/CVE-2024-55239%20-%20Reflected%20Cross-Site%20Scripting.md
ExploitThird Party Advisory