Lucene search
CVE-2023-2814
Vulnerability found in SourceCodester Class Scheduling System 1.0 allows remote attackers to launch cross site scripting attack via manipulation of Academic_Rank argument in /admin/save_teacher.php
Show more
| Reporter | Title | Published | Views | Family All 4 |
|---|---|---|---|---|
 | Cross site scripting | 19 May 202317:15 | – | prion |
 | Class Scheduling System Cross-Site Scripting Vulnerability | 23 May 202300:00 | – | cnvd |
 | CVE-2023-2814 SourceCodester Class Scheduling System POST Parameter save_teacher.php cross site scripting | 19 May 202316:00 | – | cvelist |
 | CVE-2023-2814 | 19 May 202317:15 | – | nvd |
[
{
"vendor": "SourceCodester",
"product": "Class Scheduling System",
"versions": [
{
"version": "1.0",
"status": "affected"
}
],
"modules": [
"POST Parameter Handler"
]
}
]| Source | Link |
|---|---|
| vuldb | www.vuldb.com/ |
| github | www.github.com/jiy2020/bugReport/blob/main/XSS.md |
| vuldb | www.vuldb.com/ |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| Academic_Rank | request body | /admin/save_teacher.php | Cross-site Scripting (XSS) vulnerability through manipulation of the Academic_Rank parameter. | CWE-79 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo19 May 2023 17:15Current
4.8Medium risk
Vulners AI Score4.8
CVSS24
CVSS33.5 - 6.1
EPSS0.00116