Vulnerability Database

299,184

Total vulnerabilities in the database

CVE-2024-55239

A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the 'titulo_documento' parameter.

Published: Dec 19, 2024
Updated: Jul 4, 2025
CVE: CVE-2024-55239
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
portabilis / i-educar	2.9	2.9.x

https://github.com/RegularUs3r/CVE-Research/blob/main/CVE-2024/Portabilis%20-%20iEducar/CVE-2024-55239%20-%20Reflected%20Cross-Site%20Scripting.md
https://github.com/RegularUs3r/CVE-Research/blob/main/CVE-2024/Portabilis%20-%20iEducar/CVE-2024-55649%20-%20Reflected%20Cross-Site%20Scripting.md

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo