KASHIPARA E-learning Management System Project 10 (DC-2024-50836)

2024-11-18

Platform: KASHIPARA E-learning Management System Project
Version: 1.0
Vulnerability: Stored Cross-Site Scripting (XSS)
Severity: Medium
Date: November 14, 2024

A vulnerability exists in KASHIPARA E-learning Management System Project 1.0 that allows remote attackers to inject malicious scripts into the system through the “firstname” and “lastname” parameters in the “/admin/teachers.php” file. This could allow attackers to steal user data, redirect users to malicious websites, or perform other actions on the system.

What Undercode Says:

This vulnerability is rated as medium severity, so

Users of KASHIPARA E-learning Management System Project 1.0 should update to a patched version as soon as it is available.
In the meantime, administrators should be careful about the data they allow to be entered into the “firstname” and “lastname” fields.

Note: This information is for informational purposes only and should not be considered a substitute for professional security advice.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top