Casap Automated Enrollment System Project: community verdicts
2 notable / known-exploited Casap Automated Enrollment System Project CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Casap Automated Enrollment System Project CVE, see NVD ↗.
- CVE-2021-3294MED 5.4EPSS 3%
CASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website.
- CVE-2021-27332MED 6.1EPSS 1%
Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the class_name parameter to update_class.php.