CVE Details
Basic Information
| Title | SourceCodester Online Student Management System edit-student-detail.php cross site scripting |
|---|---|
| Type | cve |
| Published | 2023-12-19T10:57:27.291Z |
| Modified | 2024-11-21T14:24:23.774Z |
Product Information
| Vendor | SourceCodester |
|---|---|
| Product | Online Student Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 2.4 (LOW) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N |
AI Analysis
| AI Description | This vulnerability is a cross-site scripting (XSS) issue in the edit-student-detail.php file of SourceCodester’s Online Student Management System. It allows remote attackers to inject malicious scripts via the notmsg argument. The CVSS score of 2.4 indicates a low severity, but it’s important to patch to prevent potential attacks. |
|---|---|
| AI Severity | Low |
| AI Vendor | SourceCodester |
| AI Product | Online Student Management System |
| AI Version | 1.0 |
Affected Products
- SourceCodester Online Student Management System 1.0
Additional Information
| CWE List | CWE-79 |
|---|---|
| Source | VulDB |
Description
A vulnerability has been found in SourceCodester Online Student Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file edit-student-detail.php. The manipulation of the argument notmsg leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248377 was assigned to this vulnerability.