CVE-2025-25949 | Serosoft Academia Student Information System EagleR 1.0.118 update User ID cross site scripting

Inserito da Angelo Barbosa | Mar 3, 2025 | CVE

A vulnerability classified as problematic has been found in Serosoft Academia Student Information System EagleR 1.0.118. This affects an unknown part of the file /rest/staffResource/update. The manipulation of the argument User ID leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-25949. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-25949 | Serosoft Academia Student Information System EagleR 1.0.118 update User ID cross site scripting

Post correlati

CVE-2024-57632 | MonetDB Server 11.49.1 SQL is_column_unique denial of service (Issue 7441)

CVE-2024-1647 | Pyhtml2pdf 0.0.6 cross site scripting

CVE-2024-39323 | aimeos ai-admin-graphql up to 2022.10.9/2023.10.5/2024.04.5 insufficient granularity of access control (GHSA-vc7j-99jw-jrqm)

CVE-2024-35757 | 5 Star Plugins Easy Age Verify Plugin up to 1.8.2 on WordPress cross site scripting