code-projects Agro-School Management System btn_functions.php doAddQuestion cross site scripting
CVE-2023-3060

3.5LOW

Key Information:

Vendor: Code-projects
Status: Agro-school Management System
Vendor: CVE Published:; 2 June 2023

Summary

A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btn_functions.php. The manipulation of the argument Question leads to cross site scripting. The attack can be initiated remotely. VDB-230566 is the identifier assigned to this vulnerability.

Affected Version(s)

Agro-School Management System 1.0

References

https://vuldb.com/?id.230566

vdb-entrytechnical-description

https://vuldb.com/?ctiid.230566

signaturepermissions-required

https://github.com/hotencode/CveHub/blob/main/agricultura...

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 2, 2023
Vulnerability Reserved
Jun 2, 2023

Credit

ZhangWang (VulDB User)