Enviar #750217: https://github.com/ZeroWdd/studentmanager/ https://github.com/ZeroWdd/studentmanager/issues 1.0 Improper Neutralization of Input During Web Page Generationinformación

Títulohttps://github.com/ZeroWdd/studentmanager/ https://github.com/ZeroWdd/studentmanager/issues 1.0 Improper Neutralization of Input During Web Page Generation
DescripciónThere is a stored XSS vulnerability in the leave management module of the Student Manager system. When a low-privilege user submits a malicious payload, an administrator clicking to view it may lead to the compromise of the administrator account.
Fuente⚠️ https://www.yuque.com/clockw1se/lts9x9/mxgrzspnzmpxu7e7
Usuario
 Clock12138 (UID 94875)
Sumisión2026-02-02 08:28 (hace 3 meses)
Moderación2026-02-07 18:45 (5 days later)
EstadoAceptado
Entrada de VulDB344904 [ZeroWdd studentmanager hasta 2151560fc0a50ec00426785ec1e01a3763b380d9 LeaveController.java addLeave Reason for Leave secuencias de comandos en sitios cruzados]
Puntos16

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!