CVE-2026-2201

Medium CVSS: 4.8

A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The code repository of the project has not been active for many years.

Vendor

Zerowdd

Product

Studentmanager

CWE

CWE-79

Yayın Tarihi

2026-02-09 02:16:03

Güncelleme

2026-03-05 21:31:55

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-79 Studentmanager MEDIUM Zerowdd 2026

Referanslar

https://vuldb.com/?ctiid.344904 https://vuldb.com/?id.344904 https://vuldb.com/?submit.750217 https://www.yuque.com/clockw1se/lts9x9/mxgrzspnzmpxu7e7

Benzer Kayıtlar

Medium

CVE-2025-3587

A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects…

Medium

CVE-2024-13192

A vulnerability, which was classified as problematic, was found in ZeroWdd myblog 1.0. Affected is the function update o…

Medium

CVE-2024-13191

A vulnerability, which was classified as critical, has been found in ZeroWdd myblog 1.0. This issue affects the function…

Medium

CVE-2024-13189

A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file sr…

Medium

CVE-2024-13143

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the functi…

Medium

CVE-2024-13142

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects…