A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field.
References
| Link | Resource |
|---|---|
| https://github.com/r04i7/CVE/blob/main/CVE-2024-35583.md | Exploit Technical Description |
| https://owasp.org/www-community/attacks/xss/ | Not Applicable |
| https://portswigger.net/web-security/cross-site-scripting/stored | Not Applicable |
| https://github.com/r04i7/CVE/blob/main/CVE-2024-35583.md | Exploit Technical Description |
| https://owasp.org/www-community/attacks/xss/ | Not Applicable |
| https://portswigger.net/web-security/cross-site-scripting/stored | Not Applicable |
Configurations
History
No history.
Information
Published : 2024-05-28 20:16
Updated : 2025-04-11 16:10
NVD link : CVE-2024-35583
Mitre link : CVE-2024-35583
CVE.ORG link : CVE-2024-35583
JSON object : View
Products Affected
oretnom23
- computer_laboratory_management_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')