A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
History

Fri, 10 Oct 2025 17:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:zerowdd:studentmanager:1.0:*:*:*:*:*:*:*

Mon, 06 Jan 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 05 Jan 2025 23:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Title ZeroWdd studentmanager PermissionController. java submitAddPermission cross site scripting
Weaknesses CWE-79
CWE-94
References
Metrics cvssV2_0

{'score': 3.3, 'vector': 'AV:N/AC:L/Au:M/C:N/I:P/A:N'}

cvssV3_0

{'score': 2.4, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N'}

cvssV3_1

{'score': 2.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2025-01-05T23:31:04.583Z

Updated: 2025-01-06T14:47:00.646Z

Reserved: 2025-01-05T09:07:15.243Z

Link: CVE-2024-13143

cve-icon Vulnrichment

Updated: 2025-01-06T14:46:56.375Z

cve-icon NVD

Status : Analyzed

Published: 2025-01-06T00:15:05.460

Modified: 2025-10-10T17:40:26.417

Link: CVE-2024-13143

cve-icon Redhat

No data.