CVE-2022-45223: XSS
First published: Mon Nov 28 2022(Updated: )
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /Admin/add-student.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Student Clearance System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2022-45223.
What is the severity level of CVE-2022-45223?
The severity level of CVE-2022-45223 is medium (4.8).
What is the affected software?
The affected software is Web-Based Student Clearance System v1.0.
Which component of Web-Based Student Clearance System is vulnerable?
The vulnerable component is /Admin/add-student.php.
How can attackers exploit this vulnerability?
Attackers can exploit this vulnerability by injecting a crafted payload into the txtfullname parameter to execute arbitrary web scripts or HTML.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/description
- agent/first-publish-date
- agent/author
- agent/last-modified-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/web-based student clearance system project
- canonical/student clearance system
- version/student clearance system/1.0