CNNVD-202509-3220 Information

CNNVD ID

CNNVD-202509-3220

Related CVE

CVE-2025-57205

• CNNVD Published: 2025-09-22

Description (Chinese)

Inilabs School Express是孟加拉国Inilabs公司的一款学校管理软件。 Inilabs School Express 6.2版本存在安全漏洞，该漏洞源于内容管理功能中对POSTed editor参数清理和编码不足，可能导致存储型跨站脚本攻击。

Description (English)

Inilabs School Express is a school management software for Inilabs in Bangladesh. There is a security loophole in Inilabs School Express version 6.2, which arises from inadequate cleaning and coding of POSTED editor parameters in content management functions, which may lead to storage-type cross-station script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

inMusic

Published

2025-09-22

Last Modified

2026-02-24

References

https://codecanyon.net/item/inilabs-school-management-system-express/11630340 https://grumpz.net/cve-2025-57205-stored-xss-in-inilabs-school-express-62-sms-express https://access.redhat.com/security/cve/cve-2025-57205