| Title | code-projects Student Information System 2.0 Improper Neutralization of Alternate XSS Syntax |
|---|
| Description | The `editprofile.php` file contains firstname parameter an unrestricted cross-site scripting (XSS) vulnerability, leading to a stored XSS attack. Malicious attackers can exploit this vulnerability to obtain sensitive information from the client side. |
|---|
| Source | ⚠️ https://github.com/asd1238525/cve/blob/main/xss7.md |
|---|
| User | yunlin (UID 79129) |
|---|
| Submission | 11/02/2025 10:33 (6 months ago) |
|---|
| Moderation | 11/15/2025 07:57 (13 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 332571 [code-projects Student Information System 2.0 /editprofile.php cross site scripting] |
|---|
| Points | 17 |
|---|