Lucene search
+L

4 matches found

nvd
nvd
added 2025/02/06 11:15 p.m.27 views

CVE-2025-1082

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

5.4CVSS0.00376EPSS
Exploits1References4
cvelist
cvelist
added 2025/02/06 10:31 p.m.31 views

CVE-2025-1082 Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

5.1CVSS0.00376EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2025/02/06 10:31 p.m.8 views

CVE-2025-1082 Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

5.1CVSS6AI score0.00376EPSS
Exploits1References4
cve
cve
added 2025/02/06 10:31 p.m.112 views

CVE-2025-1082

Mindskip xzs-mysql (3.9.0) has a Cross-Site Scripting (XSS) vulnerability in the Exam Edit Handler, specifically in /api/admin/question/edit. The issue arises from manipulating the title/content parameters of that API, allowing remote attackers to inject script. Public exploit information exists ...

5.4CVSS3.8AI score0.00376EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder