Unpatched Cross-Site Scripting Vulnerability in Student Management System
CVE-2024-48656

4.8MEDIUM

Key Information:

Vendor: unknown
Status: Student Management System
Vendor: CVE Published:; 22 October 2024

What is CVE-2024-48656?

A Cross Site Scripting (XSS) vulnerability has been identified in the student management system developed by LeiPudd. This flaw allows remote attackers to inject arbitrary scripts into web pages viewed by other users. Exploiting this vulnerability can lead to unauthorized access, serving malicious content, and execution of arbitrary code, posing significant risks to the integrity and confidentiality of user information. It is crucial for users and administrators to implement security patches and follow best practices to mitigate potential threats associated with this vulnerability.

References

https://github.com/LeiPudd/Student-Management-System-v1.0...

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 22, 2024

unknown

What is CVE-2024-48656?

References

CVSS V3.1

Timeline