CVE-2023-36317

MEDIUM

Sourcecodester Student Study Center Desk Mgmt Sys 1.0 - XSS

Title source: llm

Description

Cross Site Scripting (XSS) vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL.

References (3)

Core 3

Core References

Exploit, Third Party Advisory

https://github.com/oye-ujjwal/CVE/blob/main/CVE-2023-36317

View Exploit ZIP pw:eip

Not Applicable

https://www.sourcecodester.com

Product

https://www.sourcecodester.com/php/16298/student-study-center-desk-management-system-using-php-oop-and-mysql-db-free-source-code

Scores

CVSS v3 4.8

EPSS 0.0010

EPSS Percentile 28.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (1)

oretnom23/student_study_center_desk_management_system 1.0

Published Aug 23, 2023

Tracked Since Feb 18, 2026