Cross-Site Scripting Vulnerability in School Fees Management System by CodeIgniter
CVE-2023-49984

6.1MEDIUM

Key Information:

Vendor: CodeIgniter
Status: School Fees Management System
Vendor: CVE Published:; 21 March 2024

🔔 Create CodeIgniter Vulnerability Alert

What is CVE-2023-49984?

A cross-site scripting (XSS) vulnerability exists in the settings component of the School Fees Management System version 1.0. This issue can be exploited by an attacker through the injection of malicious scripts into the name parameter, potentially allowing the execution of arbitrary web scripts or HTML. As a result, it poses a risk to users who interact with the compromised application, as unauthorized actions may be executed on their behalf. Addressing this vulnerability is essential for maintaining the integrity and security of web applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.sourcecodester.com/php/15697/school-fees-mana...

https://github.com/geraldoalcantara/CVE-2023-49984

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 21, 2024
Vulnerability Reserved
Dec 4, 2023

JSON

CodeIgniter

What is CVE-2023-49984?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.