Cross Site Scripting in PHPgurukl Hostel Management System by PHPgurukl
CVE-2023-34647

6.1MEDIUM

Key Information:

Vendor: PHPgurukul
Status: Hostel Management System
Vendor: CVE Published:; 28 June 2023

Summary

The Hostel Management System by PHPgurukl, version 1.0, is susceptible to Cross Site Scripting (XSS) attacks, allowing attackers to inject malicious scripts into webpages viewed by users. This vulnerability can lead to unauthorized access to sensitive data and potentially compromise user accounts. Timely updates and security patches are essential to safeguard against such threats.

References

https://github.com/ckalnarayan/Common-Vulnerabilities-and...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jun 28, 2023
Vulnerability Reserved
Jun 7, 2023