{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-0710","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-01-24T10:05:07.053Z","datePublished":"2025-01-24T21:00:21.431Z","dateUpdated":"2025-02-12T20:41:31.557Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-01-24T21:00:21.431Z"},"title":"CampCodes School Management Software Notice Board Page notice-list cross site scripting","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-79","lang":"en","description":"Cross Site Scripting"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-94","lang":"en","description":"Code Injection"}]}],"affected":[{"vendor":"CampCodes","product":"School Management Software","versions":[{"version":"1.0","status":"affected"}],"modules":["Notice Board Page"]}],"descriptions":[{"lang":"en","value":"A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /notice-list of the component Notice Board Page. The manipulation of the argument Notice leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."},{"lang":"de","value":"Es wurde eine problematische Schwachstelle in CampCodes School Management Software 1.0 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei /notice-list der Komponente Notice Board Page. Dank der Manipulation des Arguments Notice mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":3.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.5,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":4,"vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N"}}],"timeline":[{"time":"2025-01-24T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-01-24T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-01-24T11:10:13.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"lucifer26 (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.293238","name":"VDB-293238 | CampCodes School Management Software Notice Board Page notice-list cross site scripting","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.293238","name":"VDB-293238 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.484934","name":"Submit #484934 | CampCodes School Management Software  1.0 Stored Cross Site Scripting Vulnerability (XSS)","tags":["third-party-advisory"]},{"url":"https://github.com/anamika126/Stackofvulnerabilities/blob/main/Stored%20Cross%20Site%20Scripting%20-%20Notice%20Board.pdf","tags":["exploit"]},{"url":"https://www.campcodes.com/","tags":["product"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2025-0710","role":"CISA Coordinator","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2025-01-24T21:18:10.298054Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-02-12T20:41:31.557Z"}}]}}