Class Scheduling System is a class scheduling system. A cross-site scripting vulnerability exists in Class Scheduling System v1.0, which originates from the lack of effective filtering and escaping of user-supplied data in the Academic_Rank parameter of the file /admin/save_teacher.php in the component POST Parameter Handler, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a carefully crafted payload. This vulnerability can be exploited to execute arbitrary Web script or HTML by injecting a crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
class scheduling system class scheduling system | eq | 1.0 |