PT-2024-26560 · Sourcecodester · Sourcecodester Computer Laboratory Management System

Published: 2024-05-28 · Updated: 2024-08-01 · CVE-2024-35583

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Sourcecodester Laboratory Management System version 1.0

Description

A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field.

Recommendations

For Sourcecodester Laboratory Management System version 1.0, consider validating and sanitizing user input in the Remarks field to prevent the injection of malicious scripts. As a temporary workaround, restrict access to the Remarks input field until a patch is available.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2024-35583

Affected Products

Sourcecodester Computer Laboratory Management System