Enviar #748328: code-projects Online Student Management System in PHP latest (no version specified by vendor) Cross-Site Scriptinginformación

Títulocode-projects Online Student Management System in PHP latest (no version specified by vendor) Cross-Site Scripting
DescripciónA stored cross-site scripting (XSS) vulnerability exists in the Online Student Management System in PHP. Authenticated administrators can inject arbitrary JavaScript code via the announcement management module. The malicious payload is stored in the backend database and executed automatically when other users view the affected announcement, leading to potential session hijacking and unauthorized actions.
Fuente⚠️ https://github.com/baguette168/CVE/issues/1
Usuario
 baguette168 (UID 94957)
Sumisión2026-01-28 16:49 (hace 3 meses)
Moderación2026-02-07 09:28 (10 days later)
EstadoAceptado
Entrada de VulDB344858 [code-projects Online Student Management System 1.0 Announcement Management index.php?view=add secuencias de comandos en sitios cruzados]
Puntos19

AnteriorVisión De ConjuntoPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!