A cross-site scripting (XSS) vulnerability in Record Management System using CodeIgniter 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page.
References
Link | Resource |
---|---|
https://drive.google.com/file/d/18OjJQA2-8-Hdt0HTMwp4aL_Mp_WuffvL/view?usp=sharing | Exploit Third Party Advisory |
https://github.com/RashidKhanPathan/CVE-2022-41445 | Exploit Third Party Advisory |
https://ihexcoder.wixsite.com/secresearch/post/cve-2022-41445-cross-site-scripting-in-teachers-record-management-system-using-codeignitor | Broken Link |
https://phpgurukul.com/teachers-record-management-system-using-codeigniter/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2022-11-22 14:15
Updated : 2024-02-28 19:51
NVD link : CVE-2022-41445
Mitre link : CVE-2022-41445
CVE.ORG link : CVE-2022-41445
JSON object : View
Products Affected
teacher_record_management_system_project
- teacher_record_management_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')