CVE-2025-13795

Name of the Vulnerable Software and Affected Versions codingWithElias School Management System (affected versions not specified)

Description A weakness exists in codingWithElias School Management System. The issue involves cross site scripting triggered by manipulating the First Name argument within an unknown function of the /student-view.php file, part of the Edit Student Info Page component. Remote exploitation is possible, and the exploit has been publicly released. Other parameters may also be affected. The vendor was contacted regarding this disclosure but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.