SourceCodester Online Student Admission System Student User Page edit-profile.php cross site scripting

I SourceCodester Online Student Admission System har en problematisksvag punkt upptäckte. Som påverkar en okänd funktion filen edit-profile.php av komponenten Student User Page. Manipulering med ingången <script>alert(/xss/)</script> en okänd ingång leder till en sårbarhet klass cross site scripting svag punkt. Den rådgivande finns tillgänglig för nedladdning på github.com. Denna svaga punkt är känd som CVE-2022-2681. Attacken på nätet kan. Det finns tekniska detaljer känd. Han deklarerade proof-of-concept. Den exploit kan laddas ner från github.com. En möjlig åtgärd har utfärdats före och inte efter offentliggörandet.

Fält05/08/2022 20:5905/08/2022 21:0030/08/2022 15:55
vendorSourceCodesterSourceCodesterSourceCodester
nameOnline Student Admission SystemOnline Student Admission SystemOnline Student Admission System
componentStudent User PageStudent User PageStudent User Page
fileedit-profile.phpedit-profile.phpedit-profile.php
cwe79 (cross site scripting)79 (cross site scripting)79 (cross site scripting)
risk111
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iLLL
cvss3_vuldb_aNNN
cvss3_vuldb_ePPP
cvss3_vuldb_rcRRR
urlhttps://github.com/895515845/Online-Student-Admission-Systemhttps://github.com/895515845/Online-Student-Admission-Systemhttps://github.com/895515845/Online-Student-Admission-System
availability111
publicity111
urlhttps://github.com/895515845/Online-Student-Admission-Systemhttps://github.com/895515845/Online-Student-Admission-Systemhttps://github.com/895515845/Online-Student-Admission-System
cveCVE-2022-2681CVE-2022-2681CVE-2022-2681
responsibleVulDBVulDBVulDB
date1659650400 (05/08/2022)1659650400 (05/08/2022)1659650400 (05/08/2022)
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_ciNNN
cvss2_vuldb_iiPPP
cvss2_vuldb_aiNNN
cvss2_vuldb_ePOCPOCPOC
cvss2_vuldb_rcURURUR
cvss2_vuldb_auSSS
cvss2_vuldb_rlNDNDND
cvss3_vuldb_prLLL
cvss3_vuldb_rlXXX
cvss2_vuldb_basescore4.04.04.0
cvss2_vuldb_tempscore3.43.43.4
cvss3_vuldb_basescore3.53.53.5
cvss3_vuldb_tempscore3.23.23.2
cvss3_meta_basescore3.53.53.5
cvss3_meta_tempscore3.23.23.2
price_0day$0-$5k$0-$5k$0-$5k
input_value<script>alert(/xss/)</script><script>alert(/xss/)</script>
cve_assigned1659650400 (05/08/2022)
cve_nvd_summaryA vulnerability classified as problematic was found in SourceCodester Online Student Admission System. Affected by this vulnerability is an unknown functionality of the file edit-profile.php of the component Student User Page. The manipulation with the input alert(/xss/) leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205669 was assigned to this vulnerability.

TidigareÖversiktNästa

Do you need the next level of professionalism?

Upgrade your account now!