CVE-2025-46178

Name of the Vulnerable Software and Affected Versions CloudClassroom PHP Project (affected versions not specified)

Description A Cross-Site Scripting (XSS) issue exists in the CloudClassroom PHP Project, specifically in the askquery.php file, via the eid parameter. This allows remote attackers to inject arbitrary JavaScript code in the context of a victim's browser session by sending a crafted URL. The potential impact includes session hijacking or defacement.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.