| शीर्षक | SourceCodester Advanced School Management System with Complete Features V1.0 Cross Site Scripting |
|---|
| विवरण | During the security assessment of "Advanced School Management System with Complete", a critical stored cross-site scripting (XSS) vulnerability was identified in the "/index.php/notice/addNotice". This vulnerability is due to inadequate sanitization of user input for the 'noticeSubject' parameter. Attackers can inject malicious JavaScript code through this parameter, which will be executed when other users access the affected page. Immediate remediation is necessary to safeguard user data and maintain the security of the system. |
|---|
| स्रोत | ⚠️ https://github.com/lrjbsyh/CVE_Hunter/issues/3#issue-3313419319 |
|---|
| उपयोगकर्ता | M00n_L33 (UID 88858) |
|---|
| सबमिशन | 12/08/2025 12:41 PM (9 महीनों पहले) |
|---|
| संयम | 21/08/2025 07:49 AM (9 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 320911 [SourceCodester Advanced School Management System 1.0 addNotice noticeSubject क्रॉस साइट स्क्रिप्टिंग] |
|---|
| अंक | 20 |
|---|