CVE-2025-4469: SourceCodester Online Student Clearance System add-admin.php cross site scripting
First published: Fri May 09 2025(Updated: )
A vulnerability classified as problematic has been found in SourceCodester Online Student Clearance System 1.0. Affected is an unknown function of the file /admin/add-admin.php. The manipulation of the argument Username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SourceCodester Online Student Clearance System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4469?
CVE-2025-4469 is classified as problematic due to cross-site scripting vulnerabilities.
How do I fix CVE-2025-4469?
To fix CVE-2025-4469, validate and sanitize user input in the Username field to prevent cross-site scripting.
Which software is affected by CVE-2025-4469?
CVE-2025-4469 affects SourceCodester Online Student Clearance System version 1.0.
What kind of attack can CVE-2025-4469 facilitate?
CVE-2025-4469 can facilitate cross-site scripting attacks that may compromise user data.
Is there a patch available for CVE-2025-4469?
As of now, there is no specific patch available for CVE-2025-4469, so immediate remediation is advised.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- agent/last-modified-date
- agent/event
- collector/epss-latest
- source/FIRST
- agent/tags
- agent/epss
- agent/source
- vendor/sourcecodester
- canonical/sourcecodester online student clearance system