Vulnerability Description
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yungifez | Skuul | <= 2.6.5 |
Related Weaknesses (CWE)
References
- https://gist.github.com/thezeekhan/7fc54fd44bc5f318be0350b367b2d8ffExploitThird Party Advisory
- https://vuldb.com/?ctiid.333788Permissions RequiredVDB Entry
- https://vuldb.com/?id.333788Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.689012Third Party AdvisoryVDB Entry
- https://gist.github.com/thezeekhan/7fc54fd44bc5f318be0350b367b2d8ffExploitThird Party Advisory
- https://vuldb.com/?submit.689012Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-13784?
CVE-2025-13784 is a vulnerability with a CVSS score of 2.4 (LOW). A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. ...
How severe is CVE-2025-13784?
CVE-2025-13784 has been rated LOW with a CVSS base score of 2.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-13784?
Check the references section above for vendor advisories and patch information. Affected products include: Yungifez Skuul.