vendor:
Online Grades
by:
5.5
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: Online Grades
Affected Version From: 3.2.2005
Affected Version To: 3.2.2005
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Multiple Cross-Site Scripting Vulnerabilities in Online Grades
The Online Grades application fails to properly sanitize user-supplied data, resulting in multiple cross-site scripting vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a victim user, potentially leading to the theft of authentication credentials and other attacks.
Mitigation:
To mitigate these vulnerabilities, it is recommended to implement proper input validation and sanitization mechanisms in the Online Grades application to prevent the execution of malicious script code.