How severe is CVE-2025-11554?

CVE-2025-11554 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2025-11554

Name: i-educar
Author: portabilis

6.3MEDIUM

A security vulnerability has been detected in Portabilis i-Educar up to 2.9.10. Affected by this issue is some unknown functionality of the file app/Http/Controllers/AccessLevelController.php of the c

公開日: 10/9/2025更新日: 11/21/2025

説明

A security vulnerability has been detected in Portabilis i-Educar up to 2.9.10. Affected by this issue is some unknown functionality of the file app/Http/Controllers/AccessLevelController.php of the component User Type Handler. The manipulation leads to insecure inherited permissions. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

AI分析AIによる分析

影響を受ける製品

portabilisi-educar

参照

https://github.com/m3m0o/portabilis-ieducar-user-type-privilege-escalation
ExploitThird Party Advisory
https://vuldb.com/?ctiid.327714
Permissions RequiredVDB Entry
https://vuldb.com/?id.327714
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.671072
Third Party AdvisoryVDB Entry