CVE-2025-4469

Опубликовано: 09 мая 2025

Источник: nvd

CVSS3: 2.4

CVSS3: 5.4

CVSS2: 3.3

EPSS Низкий

Описание

A vulnerability classified as problematic has been found in SourceCodester Online Student Clearance System 1.0. Affected is an unknown function of the file /admin/add-admin.php. The manipulation of the argument txtusername/txtfullname/txtpassword/txtpassword2 leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/xss-1.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.308088
Permissions Required
VDB Entry
https://vuldb.com/?id.308088
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.566248
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:senior-walter:online_student_clearance_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00031

Низкий

2.4 Low

CVSS3

5.4 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-gggx-5gg2-hxhj

CVSS3: 2.4

github

9 месяцев назад

A vulnerability classified as problematic has been found in SourceCodester Online Student Clearance System 1.0. Affected is an unknown function of the file /admin/add-admin.php. The manipulation of the argument Username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 8%

0.00031

Низкий

2.4 Low

CVSS3

5.4 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-79