itning Student Homework Management System Cross-Site Request Forgery Vulnerability

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in itning Student Homework Management System versions through 1.2.7. This vulnerability allows attackers to manipulate requests and perform actions on behalf of users without their consent. The issue arises because the application does not adequately verify whether a request was intentionally made by the user. As a result, an attacker could exploit this vulnerability to, for example, add courses or perform other operations that require user interaction.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed on behalf of the user, potentially allowing for the manipulation of data or application state.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

itning Student Homework Management System Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating