CVE-2026-2201 | ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9 LeaveController.java addLeave Reason for Leave cross site scripting

A vulnerability classified as problematic has been found in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cross site scripting.

This vulnerability is listed as CVE-2026-2201. The attack may be initiated remotely. In addition, an exploit is available.

This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.

The code repository of the project has not been active for many years.

CVE-2026-2201 | ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9 LeaveController.java addLeave Reason for Leave cross site scripting

Post correlati

CVE-2025-14565 | kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464 login1.php Username sql injection

CVE-2022-27562 | HCL Domino Volt File Type Filter Policy unrestricted upload (KB0120722)

CVE-2025-7555 | code-projects Voting System 1.0 /admin/voters_add.php firstname/lastname sql injection

CVE-2025-4852 | TOTOLINK A3002R 2.1.1-B20230720.1011 VPN Page Comment cross site scripting