CVE-2025-5984

CWE-79 — Cross-site Scripting (XSS)CWE-94 — Code Injection3 documents3 sources

Severity

5.1MEDIUM

EPSS

0.1%

top 66.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Online Student Clearance System Senior-walter Online Student Clearance System

Timeline

PublishedJun 10

Latest updateJun 11

Description

A vulnerability has been found in SourceCodester Online Student Clearance System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/add-fee.php. The manipulation of the argument txtamt leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5sourcecodester/online_student_clearance_system1.0

▶NVDsenior-walter/online_student_clearance_system1.0

🔴Vulnerability Details

GHSA

GHSA-62hr-g8g6-pq8j: A vulnerability has been found in SourceCodester Online Student Clearance System 1↗2025-06-11

▶

CVEList

SourceCodester Online Student Clearance System add-fee.php cross site scripting↗2025-06-10

▶