Guest User

CVE-2019-14696

a guest
Aug 6th, 2019
1,554
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. CVE-2019-14696.
  2. > [description]
  3. > Open-School 3.0, and Community Edition 2.3, allows XSS via the
  4. > osv/index.php?r=students/guardians/create id parameter.
  5. >
  6. > ------------------------------------------
  7. >
  8. > [Vulnerability Type]
  9. > Cross Site Scripting (XSS)
  10. >
  11. > ------------------------------------------
  12. >
  13. > [Vendor of Product]
  14. > https://open-school.org
  15. >
  16. > ------------------------------------------
  17. >
  18. > [Affected Product Code Base]
  19. > Open-School Community Edition - 2.3
  20. > Open-School - 3.0
  21. >
  22. > ------------------------------------------
  23. >
  24. > [Attack Type]
  25. > Remote
  26. >
  27. > ------------------------------------------
  28. >
  29. > [Impact Code execution]
  30. > true
  31. >
  32. > ------------------------------------------
  33. >
  34. > [Attack Vectors]
  35. > Open a crafted URL
  36. >
  37. > ------------------------------------------
  38. >
  39. > [Reference]
  40. > https://open-school.org
  41. Use CVE-2019-14696.
RAW Paste Data