CVE-2021-39408
MEDIUMOnline Student Rate System 1.0 - Cross-Site Scripting via Index.php Page Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-39408. PoCs published by StefanDorresteijn.
AI-analyzed exploit summary The repository describes a reflected XSS vulnerability in the Online Student Rate System application, where the `page` parameter in `index.php` is vulnerable to arbitrary JavaScript execution. The README provides a clear example of the exploit but does not include functional exploit code.
Description
Cross Site Scripting (XSS) vulnerability exists in Online Student Rate System 1.0 via the page parameter on the index.php file
Exploits (1)
The repository describes a reflected XSS vulnerability in the Online Student Rate System application, where the `page` parameter in `index.php` is vulnerable to arbitrary JavaScript execution. The README provides a clear example of the exploit but does not include functional exploit code.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N