Lucene search

MitreVULNRICHMENT:CVE-2023-47446

HistoryNov 15, 2023 - 12:00 a.m.

CVE-2023-47446

2023-11-1500:00:00

mitre

github.com

pre-school enrollment

xss

fullname parameter

profile.php

cve-2023-47446

AI Score

6.1

Confidence

High

SSVC

Exploitation

poc

Automatable

Technical Impact

partial

JSON

Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname parameter.

References

github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47446%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20Stored%20XSS%20Vulnerability.md