Cross Site Scripting Vulnerability in SourceCodester E-Learning System
CVE-2025-1589
5.3MEDIUM
Summary
A cross site scripting vulnerability exists in the SourceCodester E-Learning System version 1.0, specifically within the user registration handler at /register.php. An attacker may exploit this issue remotely by manipulating the input to inject malicious scripts. This could lead to unauthorized access, data theft, or further malicious actions against users. It is crucial to apply patches and take preventative measures to mitigate this risk.
Affected Version(s)
E-Learning System 1.0
References
CVSS V4
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Dariusz (VulDB User)