CVE-2024-22936

MEDIUM

Genesis AIMS Student Info Sys <v.3053 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Parents & Student Portal in Genesis School Management Systems in Genesis AIMS Student Information Systems v.3053 allows remote attackers to inject arbitrary web script or HTML via the message parameter.

References (2)

Core 2

Core References

Broken Link

https://github.com/SnoopJesus420/CVEs/blob/main/CVE-2023-

Exploit, Third Party Advisory

https://github.com/SnoopJesus420/CVEs/blob/main/CVEs-2024/CVE-2024-22936.md

View Exploit ZIP pw:eip

Scores

CVSS v3 6.1

EPSS 0.0014

EPSS Percentile 34.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (1)

manuelaldape/parents_\&_student_portal 3053

Published Feb 29, 2024

Tracked Since Feb 18, 2026