PT-2026-28709 · Unknown · Qdocs Smart School Management System
Casmit2004
+1
·
Published
2026-03-27
·
Updated
2026-03-28
·
CVE-2026-4991
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
QDOCS Smart School Management System versions up to 7.2
Description
A cross site scripting issue exists in QDOCS Smart School Management System. The issue is located in the Admission Enquiry Module, specifically within the
/admin/enquiry file. Manipulating the Note argument can trigger the issue. The attack can be carried out remotely.Recommendations
Versions prior to 7.2 should be updated.
Fix
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Qdocs Smart School Management System