CVE-2023-1593

CWE-79 — Cross-site Scripting (XSS)CWE-8206 documents6 sources

Severity

6.1MEDIUM

EPSS

0.2%

top 59.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Automatic Question Paper Generator System Automatic Question Paper Generator System Project Automatic Question Paper Generator System

Timeline

PublishedMar 23

Latest updateDec 9

Description

A vulnerability, which was classified as problematic, has been found in SourceCodester Automatic Question Paper Generator System 1.0. This issue affects some unknown processing of the file classes/Master.php?f=save_class. The manipulation of the argument description leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-223661 was assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5sourcecodester/automatic_question_paper_generator_system1.0

▶NVDautomatic_question_paper_generator_system_project/automatic_question_paper_generator_system1.0

🔴Vulnerability Details

OSV

net: read sk->sk_family once in sk_mc_loop()↗2025-12-09

▶

CVEList

SourceCodester Automatic Question Paper Generator System cross site scripting↗2023-03-23

▶

GHSA

GHSA-f9pw-qfpr-85pv: A vulnerability, which was classified as problematic, has been found in SourceCodester Automatic Question Paper Generator System 1↗2023-03-23

▶