Cross Site Scripting Vulnerability in SourceCodester Online Student Clearance System
CVE-2025-5984

5.1MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Online Student Clearance System
Vendor
CVE Published:
10 June 2025

What is CVE-2025-5984?

A cross site scripting vulnerability has been identified in the SourceCodester Online Student Clearance System 1.0. This flaw exists within an unspecified functionality of the /Admin/add-fee.php file, where an unregulated manipulation of the 'txtamt' argument can allow attackers to inject malicious scripts. This vulnerability is particularly concerning as it can be exploited remotely, enabling attackers to execute arbitrary scripts in the context of the user's browser. The exploitation of this vulnerability poses a significant threat to user data integrity and application security.

Affected Version(s)

Online Student Clearance System 1.0

References

https://vuldb.com/?id.311899
vdb-entrytechnical-description
https://vuldb.com/?ctiid.311899
signaturepermissions-required
https://vuldb.com/?submit.592554
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

snoopyloopyme (VulDB User)
.