Unrated severityNVD Advisory· Published Dec 23, 2020· Updated Aug 4, 2024
CVE-2020-28071
CVE-2020-28071
Description
SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS payload in the description textarea called 'about' and reach a stored XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SourceCodester/Alumni Management Systemdescription
- Range: =1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.