Back

CVE-2024-35352

May 30, 2024, 6:18 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Diño Physics School Assistant

  • 2.3

Source

cve@mitre.org

Tags

cve@mitre.org
2024-05-30
CVE-2024-35352

CVE-2024-35352 details

Published : May 30, 2024, 5:15 p.m.
Last Modified : May 30, 2024, 6:18 p.m.

Description

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://vuln.pentester.stream/pentester-vulnerability-research/post/2298742/vuln7-stored-cross-site-scripting-xss cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.