Lucene search
K

4 matches found

nvd
nvd
added 2025/02/06 11:15 p.m.26 views

CVE-2025-1082

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

5.4CVSS0.00376EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2025/02/06 10:31 p.m.7 views

CVE-2025-1082 Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

5.1CVSS6AI score0.00376EPSS
Exploits1References4
cve
cve
added 2025/02/06 10:31 p.m.111 views

CVE-2025-1082

Mindskip xzs-mysql (3.9.0) has a Cross-Site Scripting (XSS) vulnerability in the Exam Edit Handler, specifically in /api/admin/question/edit. The issue arises from manipulating the title/content parameters of that API, allowing remote attackers to inject script. Public exploit information exists ...

5.4CVSS3.8AI score0.00376EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2025/02/06 10:31 p.m.28 views

CVE-2025-1082 Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting

A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler. The manipulation of the argument title/content leads to cross site scripting. It is possible to...

5.1CVSS0.00376EPSS
Exploits1References4
Rows per page
Query Builder