| ID |
CVE-2026-4578
|
| Sažetak |
A vulnerability was determined in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/update_s3.php. Executing a manipulation of the argument sname can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. |
| Reference |
|
| CVSS |
| Base: | 3.3 |
| Impact: | 2.9 |
| Exploitability: | 6.4 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| NETWORK |
LOW |
MULTIPLE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| NONE |
PARTIAL |
NONE |
|
| CVSS vektor |
AV:N/AC:L/Au:M/C:N/I:P/A:N |
| Zadnje važnije ažuriranje |
23-03-2026 - 14:31 |
| Objavljeno |
23-03-2026 - 08:16 |
