Описание
A flaw has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected is an unknown function of the file /admin/ajax.php?action=save_student. Executing manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used.
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
3.5 Low
CVSS3
6.1 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability was found in SourceCodester School Log Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/ajax.php?action=save_student. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272789 was assigned to this vulnerability.
EPSS
3.5 Low
CVSS3
6.1 Medium
CVSS3
4 Medium
CVSS2