N/A

Advanced School Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component ip/school/moudel/update_subject.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Subject text field.

N/A

N/A

Advanced School Management System 跨站脚本漏洞

Advanced School Management System是Angel Jude Reyes Suarez个人开发者的一个学校管理系统。 Advanced School Management System v1.0版本存在安全漏洞，该漏洞源于通过组件 ip/school/moudel/update_subject.php 发现存在跨站点脚本 (XSS) 漏洞。攻击者利用该漏洞通过注入 Edit Subject 文本字段的特制有效负载执行任意 Web 脚本或 HTML。

N/A

N/A