| Titel | SourceCodester Student Result Management System 1.0 Cross Site Scripting |
|---|
| Beschreibung | Stored Cross Site Scripting vulnerabilities were discovered in multiple spots in Student Result Management System v1.0. Specifically, the application contains 4 different roles in the system, there are Administrator, Academic Teacher, Teacher and Student roles. As an Academic Teacher account, the below fields are vulnerable to Stored Cross Site Scripting Vulnerabilities:
Field 1: Email Field in Profile Setting
Field 2: Academic Term field in Academic Terms Page
Field 3: Class Name field in Classes Page
Field 4: Subject field in Subjects Page
Field 5: Remark field in Grading System Page
Field 6: Division field in Division System Page
Field 7: Title field in Announcement Page
|
|---|
| Quelle | ⚠️ https://github.com/0xEricTee/CVE/blob/main/Research/Stored_XSS.md |
|---|
| Benutzer | erictee2802 (UID 86165) |
|---|
| Einreichung | 05.06.2025 07:10 (vor 1 Jahr) |
|---|
| Moderieren | 05.06.2025 14:17 (7 hours later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 311241 [SourceCodester Student Result Management System 1.0 Profile Setting Page update_profile Cross Site Scripting] |
|---|
| Punkte | 20 |
|---|