CVE-2025-0559

Name of the Vulnerable Software and Affected Versions Campcodes School Management Software version 1.0

Description A cross-site scripting issue has been found in the Create Id Card Page component, specifically in the file /create-id-card. The manipulation of the ID Card Title argument leads to cross-site scripting. The attack may be initiated remotely. An exploit for this issue has been publicly disclosed.

Recommendations For Campcodes School Management Software version 1.0, consider disabling the Create Id Card Page component or restricting access to the /create-id-card file until a patch is available. Additionally, avoid using the ID Card Title argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.