| Название | SourceCodester Student Result Management System 1.0 Cross Site Scripting |
|---|
| Описание | Stored Cross Site Scripting vulnerabilities were discovered in multiple spots in Student Result Management System v1.0. Specifically, the application contains 4 different roles in the system, there are Administrator, Academic Teacher, Teacher and Student roles. As an Academic Teacher account, the below fields are vulnerable to Stored Cross Site Scripting Vulnerabilities:
Field 1: Email Field in Profile Setting
Field 2: Academic Term field in Academic Terms Page
Field 3: Class Name field in Classes Page
Field 4: Subject field in Subjects Page
Field 5: Remark field in Grading System Page
Field 6: Division field in Division System Page
Field 7: Title field in Announcement Page
|
|---|
| Источник | ⚠️ https://github.com/0xEricTee/CVE/blob/main/Research/Stored_XSS.md |
|---|
| Пользователь | erictee2802 (UID 86165) |
|---|
| Представление | 05.06.2025 07:10 (1 Год назад) |
|---|
| Модерация | 05.06.2025 14:17 (7 hours later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 311241 [SourceCodester Student Result Management System 1.0 Profile Setting Page update_profile межсайтовый скриптинг] |
|---|
| Баллы | 20 |
|---|