← volver
CVE-2025-1955

code-projects Online Class and Exam Scheduling System profile.php cross site scripting

CVSS 5.1 MEDIUMEPSS 0.3%CWE-79CWE-94
A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Productos afectados
code-projects · Online Class and Exam Scheduling System

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://code-projects.org/https://hexotion.notion.site/Online-Class-and-Exam-Scheduling-System-in-PHP-has-Stored-Cross-Site-Scripting-vulnerability-in-prof-1a7bb766cf32809b9f0be980e90d83f7?pvs=73https://vuldb.com/?ctiid.298556https://vuldb.com/?id.298556https://vuldb.com/?submit.510689