CVE-2025-8789

A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been classified as problematic. This affects an unknown part of the file /module/Api/Diario of the component API Endpoint. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published: Aug 10, 2025
Updated: Aug 13, 2025
CVE: CVE-2025-8789
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-285
CWE-639

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
portabilis / i-educar	-	2.9.0.x

https://github.com/CVE-Hunters/CVE/blob/main/i-educar/CVE-2025-8789.md
https://vuldb.com/?ctiid.319317
https://vuldb.com/?id.319317
https://vuldb.com/?submit.625917

Vulnerability Database

CVE-2025-8789

Deep Security Visibility Without the Complexity