← volver
CVE-2025-5724

SourceCodester Student Result Management System Subjects Page subjects cross site scripting

CVSS 4.8 MEDIUMEPSS 0.3%CWE-79CWE-94
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /script/academic/subjects of the component Subjects Page. The manipulation of the argument Subject leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
Productos afectados
SourceCodester · Student Result Management System

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/0xEricTee/CVE/blob/main/Research/Stored_XSS.mdhttps://github.com/0xEricTee/CVE/blob/main/Research/Stored_XSS.md#field-4-subject-field-in-subjects-pagehttps://vuldb.com/?ctiid.311244https://vuldb.com/?id.311244https://www.sourcecodester.com/