CVE-2023-46026
Severity
4.8MEDIUM
EPSS
0.1%
top 65.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 14
Latest updateNov 15
Description
Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:NExploitability: 1.7 | Impact: 2.7