PT-2026-28709 · Unknown · Qdocs Smart School Management System

Casmit2004

Publicado

2026-03-27

Atualizado

2026-03-28

CVE-2026-4991

CVSS v2.0

4.0

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions QDOCS Smart School Management System versions up to 7.2

Description A cross site scripting issue exists in QDOCS Smart School Management System. The issue is located in the Admission Enquiry Module, specifically within the /admin/enquiry file. Manipulating the Note argument can trigger the issue. The attack can be carried out remotely.

Recommendations Versions prior to 7.2 should be updated.

Correção

XSS

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79CWE-94

Identificadores relacionados

CVE-2026-4991

Produtos afetados

Qdocs Smart School Management System

PT-2026-28709 · Unknown · Qdocs Smart School Management System

CVE-2026-4991

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7