| Titolo | SourceCodester Student Result Management System 1.0 Cross Site Scripting |
|---|
| Descrizione | Stored Cross Site Scripting vulnerabilities were discovered in multiple spots in Student Result Management System v1.0. Specifically, the application contains 4 different roles in the system, there are Administrator, Academic Teacher, Teacher and Student roles. As an Academic Teacher account, the below fields are vulnerable to Stored Cross Site Scripting Vulnerabilities:
Field 1: Email Field in Profile Setting
Field 2: Academic Term field in Academic Terms Page
Field 3: Class Name field in Classes Page
Field 4: Subject field in Subjects Page
Field 5: Remark field in Grading System Page
Field 6: Division field in Division System Page
Field 7: Title field in Announcement Page
|
|---|
| Fonte | ⚠️ https://github.com/0xEricTee/CVE/blob/main/Research/Stored_XSS.md |
|---|
| Utente | erictee2802 (UID 86165) |
|---|
| Sottomissione | 05/06/2025 07:10 (1 Anno fa) |
|---|
| Moderazione | 05/06/2025 14:17 (7 hours later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 311241 [SourceCodester Student Result Management System 1.0 Profile Setting Page update_profile cross site scripting] |
|---|
| Punti | 20 |
|---|