CVE-2024-31544

Published: 2024-04-09T13:15Z

Last Modified: 2025-04-11T14:56Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A stored cross-site scripting (XSS) vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrower_name”, “faculty_department” parameters in /classes/Master.php?f=save_record. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt