Cross Site Scripting Vulnerability in Code-Projects Exam Form Submission
CVE-2023-42308

6.1MEDIUM

Key Information:

Vendor: Code-Projects
Status: Exam Form Submission
Vendor: CVE Published:; 12 March 2024

🔔 Create Code-Projects Vulnerability Alert

What is CVE-2023-42308?

The vulnerability identified within Code-Projects Exam Form Submission 1.0 involves a Cross Site Scripting (XSS) flaw that can be exploited through the 'Subject Name' and 'Subject Code' sections. This weakness enables attackers to inject and execute arbitrary code, potentially compromising the integrity of user data and the overall security of the application. Organizations using this software are recommended to assess their exposure to this vulnerability and implement measures to safeguard their systems.

References

https://github.com/ASR511-OO7/CVE-2023-42308/blob/main/CVE-7

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2024
Vulnerability Reserved
Sep 8, 2023

CVE-2023-42308 Data

JSON