CNNVD-202510-1187 Information
CNNVD ID
CNNVD-202510-1187
Related CVE
- CNNVD Published: 2025-10-08
Description (Chinese)
itsourcecode Leave Management System是itsourcecode开源的一个休假管理系统。 itsourcecode Leave Management System 1.0版本存在跨站脚本漏洞,该漏洞源于对文件/module/employee/controller.php中参数ID的错误操作,可能导致跨站脚本攻击。
Description (English)
Its sourcecode Leave Management System is an open-source leave management system. Version 1.0 of its sourcecode Leave Management System has a cross-site script loophole, which results from the wrong operation of parameter ID in document/module/employee/controller.php, which may result in a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
跨站脚本
Affected Vendor
itsourcecode
Published
2025-10-08
Last Modified
2026-02-24
References
https://vuldb.com/?submit.666541 https://github.com/romatdibrohiksnov/vulndb.com/blob/main/itsourcecode%20Leave%20Management%20System%20%E2%80%94%20Reflected%20Cross-Site%20Scripting%20(XSS)/readme.md https://vuldb.com/?id.327370 https://vuldb.com/?ctiid.327370 https://itsourcecode.com/
Share on: