CVE-2022-2396

Name of the Vulnerable Software and Affected Versions SourceCodester Simple e-Learning System version 1.0

Description A problematic issue was found in the system, affecting an unknown functionality of the file /vcs/claire blake. The manipulation of the Bio argument with the input "> leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For SourceCodester Simple e-Learning System version 1.0, as a temporary workaround, consider restricting the input for the Bio argument to prevent cross-site scripting attacks until a patch is available. Avoid using the Bio argument in the affected file /vcs/claire blake until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.