| 标题 | code-projects Student Information System 2.0 Improper Neutralization of Alternate XSS Syntax |
|---|
| 描述 | The `editprofile.php` file contains firstname parameter an unrestricted cross-site scripting (XSS) vulnerability, leading to a stored XSS attack. Malicious attackers can exploit this vulnerability to obtain sensitive information from the client side. |
|---|
| 来源 | ⚠️ https://github.com/asd1238525/cve/blob/main/xss7.md |
|---|
| 用户 | yunlin (UID 79129) |
|---|
| 提交 | 2025-11-02 10時33分 (6 月前) |
|---|
| 管理 | 2025-11-15 07時57分 (13 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 332571 [code-projects Student Information System 2.0 /editprofile.php 跨网站脚本] |
|---|
| 积分 | 17 |
|---|