CVE-2025-11554 | Portabilis i-Educar up to 2.9.10 User Type AccessLevelController.php insecure inherited permissions

A vulnerability, which was classified as critical, has been found in Portabilis i-Educar up to 2.9.10. Affected by this issue is some unknown functionality of the file app/Http/Controllers/AccessLevelController.php of the component User Type Handler. The manipulation leads to insecure inherited permissions.

This vulnerability is listed as CVE-2025-11554. The attack may be initiated remotely. In addition, an exploit is available.VulDB Recent EntriesRead More