Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- CVE-2019-14696.
- > [description]
- > Open-School 3.0, and Community Edition 2.3, allows XSS via the
- > osv/index.php?r=students/guardians/create id parameter.
- >
- > ------------------------------------------
- >
- > [Vulnerability Type]
- > Cross Site Scripting (XSS)
- >
- > ------------------------------------------
- >
- > [Vendor of Product]
- > https://open-school.org
- >
- > ------------------------------------------
- >
- > [Affected Product Code Base]
- > Open-School Community Edition - 2.3
- > Open-School - 3.0
- >
- > ------------------------------------------
- >
- > [Attack Type]
- > Remote
- >
- > ------------------------------------------
- >
- > [Impact Code execution]
- > true
- >
- > ------------------------------------------
- >
- > [Attack Vectors]
- > Open a crafted URL
- >
- > ------------------------------------------
- >
- > [Reference]
- > https://open-school.org
- Use CVE-2019-14696.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement