CVE-2025-29427

CVSS 5.9 MEDIUMEPSS 0.2%CWE-80

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.9EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

17 Mar 2025Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in profile.php via the member_first and member_last parameters.

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/872323857/CVE/blob/main/Online%20Class%20and%20Exam%20Scheduling%20System-profile.pdf