School Express
1 CVEs
product
Monthly
iNiLabs School Express (SMS Express) 6.2 is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the content-management features available to authenticated admin users. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Privilege Escalation
XSS
School Express
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-57205
EPSS 0%
CVSS 5.4
MEDIUM
POC
This Month
iNiLabs School Express (SMS Express) 6.2 is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the content-management features available to authenticated admin users. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Privilege Escalation
XSS
School Express
NVD