A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 03 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Kashipara
Kashipara responsive School Management System
CPEs cpe:2.3:a:kashipara:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*
Vendors & Products Kashipara
Kashipara responsive School Management System
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

cvssV3_1

{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N'}


Thu, 08 Aug 2024 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Lopalopa
Lopalopa responsive School Management System
Weaknesses CWE-79
CPEs cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*
Vendors & Products Lopalopa
Lopalopa responsive School Management System
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


Wed, 07 Aug 2024 18:15:00 +0000

Type Values Removed Values Added
Description A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-09-03T18:16:30.775Z

Reserved: 2024-07-18T00:00:00

Link: CVE-2024-41241

cve-icon Vulnrichment

Updated: 2024-09-03T18:16:24.275Z

cve-icon NVD

Status : Modified

Published: 2024-08-07T18:15:37.703

Modified: 2024-09-03T19:35:14.190

Link: CVE-2024-41241

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.