CVE-2025-41107P4MEDIUMCVSS 5.4v7.02025-11-10
CVE-2025-41107 [MEDIUM] CWE-79 CVE-2025-41107: Stored Cross Site Scripting (XSS) vulnerability in Smart School 7.0 due to lack of proper validation
Stored Cross Site Scripting (XSS) vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/online_admission', wich affects the parameters 'firstname', 'lastname', 'guardian_name' and others. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user
nvd