CNNVD-202602-1396 Information

CNNVD ID

CNNVD-202602-1396

Related CVE

CVE-2026-2201

• CNNVD Published: 2026-02-09

Description (Chinese)

StudentManager是huanfenz个人开发者的一个学生管理系统。 StudentManager存在代码注入漏洞，该漏洞源于对文件src/main/java/com/wdd/studentmanager/controller/LeaveController.java中参数Reason for Leave的错误操作，可能导致跨站脚本攻击。

Description (English)

Student Manager is a student management system for the personal developers of Huanfenz. StudentManager has a code-in-code loophole, which stems from an error in the parameter Reason for Leave in document src/main/java/com/wdd/studentmanager/controller/LeaveController.java, which may result in a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2026-02-09

Last Modified

2026-02-24

References

https://vuldb.com/?id.344904 https://vuldb.com/?ctiid.344904 https://vuldb.com/?submit.750217 https://www.yuque.com/clockw1se/lts9x9/mxgrzspnzmpxu7e7 https://access.redhat.com/security/cve/cve-2026-2201