How severe is CVE-2025-11554?

CVE-2025-11554 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2025-11554

Name: i-educar
Author: portabilis

6.3MEDIUM

A security vulnerability has been detected in Portabilis i-Educar up to 2.9.10. Affected by this issue is some unknown functionality of the file app/Http/Controllers/AccessLevelController.php of the c

Опубликовано: 10/9/2025Обновлено: 11/21/2025

Описание

A security vulnerability has been detected in Portabilis i-Educar up to 2.9.10. Affected by this issue is some unknown functionality of the file app/Http/Controllers/AccessLevelController.php of the component User Type Handler. The manipulation leads to insecure inherited permissions. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

ИИ-АнализНа базе ИИ

Затронутые продукты

portabilisi-educar

Ссылки

https://github.com/m3m0o/portabilis-ieducar-user-type-privilege-escalation
ExploitThird Party Advisory
https://vuldb.com/?ctiid.327714
Permissions RequiredVDB Entry
https://vuldb.com/?id.327714
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.671072
Third Party AdvisoryVDB Entry