CVE-2024-13143 | ZeroWdd studentmanager 1.0 PermissionController. java submitAddPermission url cross site scripting

Posted by Angelo Barbosa | Jan 5, 2025 | CVE

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the argument url leads to cross site scripting.

The identification of this vulnerability is CVE-2024-13143. The attack may be initiated remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2024-13143 | ZeroWdd studentmanager 1.0 PermissionController. java submitAddPermission url cross site scripting

Related Posts

CVE-2024-0956 | WP ERP Plugin up to 1.12.9 on WordPress sql injection

CVE-2024-42442 | Zoom Workplace Desktop App/Meeting SDK/Rooms Client up to 6.1.4 on macOS privileges management

CVE-2024-5837 | Google Chrome prior 126.0.6478.54 V8 type confusion (ID 342415)

CVE-2024-5720 | Logsign Unified SecOps Platform command injection