CVE-2025-0342

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/shaturo1337/POCs/blob/main/Stored%20XSS%20Vulnerability%20in%20Computer%20Laboratory%20Management%20System.md", "name": "https://github.com/shaturo1337/POCs/blob/main/Stored%20XSS%20Vulnerability%20in%20Computer%20Laboratory%20Management%20System.md", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.290829", "name": "VDB-290829 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["Permissions Required", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?id.290829", "name": "VDB-290829 | CampCodes Computer Laboratory Management System edit cross site scripting", "tags": ["VDB Entry", "Third Party Advisory"], "refsource": ""}, {"url": "https://vuldb.com/?submit.476897", "name": "Submit #476897 | CampCodes Computer Laboratory Management System 1.0 Stored Cross-Site Scripting (XSS)", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://www.campcodes.com/", "name": "https://www.campcodes.com/", "tags": ["Product"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of the argument s_lname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-0342", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}}, "publishedDate": "2025-01-09T08:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:campcodes:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-03-03T17:42Z"}