CVE-2025-28121

Medium

Low Medium High Critical

6.1

CVSS Score

Published: Apr 21, 2025

Last Modified: Apr 24, 2025

Vulnerability Description

code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedback.php via the "q" parameter allowing remote attackers to execute arbitrary code.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Known Affected Software

1 configuration(s) from 1 vendor(s)

online_exam_mastering_system

Version:

1.0

CPE:

cpe:2.3:a:code-projects:online_exam_mastering_system:1.0:*:*:*:*:*:*:*

This vulnerability affects 1 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

6.1

out of 10.0

Medium

Key Information

Published Date: April 21, 2025

External Resources

NIST NVD

National Vulnerability Database

CVE Details

Detailed vulnerability info

MITRE CVE

Official CVE record

CVE Vulnerabilities

Posts & Pages