Cloudclassroom

cloudclassroom

Vendor: Vishalmathur • 2 CVEs

CVEs (2)

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

1Vishalmathur

1Cloudclassroom

Aug 6, 2025

Jul 31, 2025

N/A· v4

6.1 MEDIUM· v3

N/A· v2

CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript...Show more

CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript code that executes in the context of the user s browser, potentially leading to session hijacking or phishing attacks.Show less

1Vishalmathur

1Cloudclassroom

Aug 6, 2025

Jul 31, 2025

N/A· v4

6.5 MEDIUM· v3

N/A· v2

A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directly embedded in SQL statements without sanitization.