CVE-2025-5722 MEDIUM

CVE-2025-5722: SourceCodester Student Result Management System Add Academic Term terms cross site scripting

Vendor Sourcecodester

Product Student Result Management System

Weakness CWE-79 · XSS

Published June 6, 2025

Last update June 9, 2025

View on NVD All CVEs

CVSS base score

4.8/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /script/academic/terms of the component Add Academic Term. The manipulation of the argument Academic Term leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Key dates

02Disclosure timeline

June 6, 2025 CVE published

June 9, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-5722

Related vulnerabilities

04Related CVE

CVE-2025-62923 WordPress Marquee Addons for Elementor plugin <= 3.8.2 - Cross Site Scripting (XSS) vulnerability CVE-2024-13202 wander-chu SpringBoot-Blog Blog Article PageController.java modifiyArticle cross site scripting CVE-2026-27948 Copyparty vulnerable to eflected cross-site scripting via setck parameter CVE-2025-13127 XSS in TACAS Consulting's GoldenHorn CVE-2023-2302 Contact Form and Calls To Action by vcita <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting