CVE-2023-5930
Summary
A cross-site scripting (XSS) vulnerability has been identified in Campcodes Simple Student Information System 1.0. The flaw exists in the manage_academic.php file, allowing remote attackers to manipulate the 'student_id' argument. This vulnerability has been publicly disclosed and may be exploited.
IFF Assessment
FOE
This vulnerability allows for remote exploitation, posing a direct threat to systems and user data.
Severity
3.5
Low
Defender Context
Defenders should be aware of this XSS vulnerability in the Campcodes Simple Student Information System. Organizations using this software should prioritize patching or implementing mitigating controls to prevent potential data theft or session hijacking via malicious scripts.