Unrated severityNVD Advisory· Published Jul 7, 2023· Updated Nov 13, 2024
CVE-2023-36256
CVE-2023-36256
Description
The Online Examination System Project 1.0 version is vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can craft a malicious link that, when clicked by an admin user, will delete a user account from the database without the admin's consent. The email of the user to be deleted is passed as a parameter in the URL, which can be manipulated by the attacker. This could result in a loss of data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Online Examination System Project/Online Examination System Projectdescription
- Range: = 1.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.