PT-2023-21640 · Sourcecodester · Sourcecodester Class Scheduling System
Joicygiore
·
Published
2023-05-21
·
Updated
2025-09-30
·
CVE-2023-2826
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SourceCodester Class Scheduling System version 1.0
Description
A vulnerability has been found in the SourceCodester Class Scheduling System, affecting the file search teacher result.php of the component POST Parameter Handler. The manipulation of the
teacher argument leads to cross-site scripting. The attack can be initiated remotely.Recommendations
For version 1.0, consider disabling the
teacher argument in the POST Parameter Handler to minimize the risk of exploitation until a patch is available. Restrict access to the search teacher result.php file to minimize the risk of remote attacks.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sourcecodester Class Scheduling System