4 matches found
CVE-2025-1082
A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...
CVE-2025-1082 Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting
A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...
CVE-2025-1082
Mindskip xzs-mysql (3.9.0) has a Cross-Site Scripting (XSS) vulnerability in the Exam Edit Handler, specifically in /api/admin/question/edit. The issue arises from manipulating the title/content parameters of that API, allowing remote attackers to inject script. Public exploit information exists ...
CVE-2025-1082 Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting
A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...