CVE Details
Basic Information
| Title | SourceCodester Student Result Management System Division System Page division-system cross site scripting |
|---|---|
| Type | cve |
| Published | 2025-06-06T06:00:15.357Z |
| Last Seen |
Product Information
| Vendor | SourceCodester |
|---|---|
| Product | Student Result Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 4.8 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A stored cross-site scripting (XSS) vulnerability exists in the Division System Page of SourceCodester Student Result Management System 1.0. The vulnerability allows an attacker to inject malicious scripts into the Division field, which are then executed when the affected page is viewed. This can lead to unauthorized actions or data theft. The vulnerability has a CVSS score of 4.8 and is considered Medium severity. |
|---|---|
| AI Severity | Medium |
| Vendor | SourceCodester |
| Product | Student Result Management System |
| Affected Version | 1.0 |
Affected Products
- SourceCodester Student Result Management System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-79, CWE-94 |
| Bulletin Family |
References
Description
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /script/academic/division-system of the component Division System Page. The manipulation of the argument Division leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.