CVE-2024-13143

Medium CVSS: 5.1

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Vendor

Zerowdd

Product

Studentmanager

CWE

CWE-79

Yayın Tarihi

2025-01-06 00:15:05

Güncelleme

2025-10-10 17:40:26

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-79 Studentmanager MEDIUM Zerowdd 2025

Referanslar

https://github.com/ZeroWdd/manager-system/issues/7 https://vuldb.com/?ctiid.290231 https://vuldb.com/?id.290231 https://vuldb.com/?submit.469217

Benzer Kayıtlar

Medium

CVE-2026-2201

A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. Thi…

Medium

CVE-2025-3587

A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects…

Medium

CVE-2024-13192

A vulnerability, which was classified as problematic, was found in ZeroWdd myblog 1.0. Affected is the function update o…

Medium

CVE-2024-13191

A vulnerability, which was classified as critical, has been found in ZeroWdd myblog 1.0. This issue affects the function…

Medium

CVE-2024-13189

A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file sr…

Medium

CVE-2024-13142

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects…