CVE-2022-4401

LOW

Pallidlight Online Course Selection System - XSS

Title source: rule

Description

A vulnerability was found in pallidlight online-course-selection-system. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-215268.

Exploits (1)

gitee 42 stars

by pallidlight · javawriteup

https://gitee.com/pallidlight/online-course-selection-system/issues/I5XNHW

References (2)

[Exploit, Issue Tracking, Third Party Advisory] https://gitee.com/pallidlight/online-course-selection-system/issues/I5XNHW

[Third Party Advisory] https://vuldb.com/?id.215268

Scores

CVSS v3 3.5

EPSS 0.0029

EPSS Percentile 52.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-79 CWE-707

Status published

Products (1)

pallidlight_online_course_selection_system_project/pallidlight_online_course_selection_system

Published Dec 11, 2022

Tracked Since Feb 18, 2026