Lucene search
China National Vulnerability DatabaseCNVD-2023-74437HistoryFeb 10, 2022 - 12:00 a.m.
RosarioSIS cross-site scripting vulnerability (CNVD-2023-74437)
2022-02-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
2
RosarioSis is a student information system. It is used to manage students, create reports and make the right decisions. A cross-site scripting vulnerability exists in RosarioSIS version 8.2.1, which stems from a lack of data validation filtering on user-supplied data and output. An attacker can exploit this vulnerability to inject arbitrary HTML via the search_term parameter in Modules/Scheduling/Courses.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rosariosis rosariosis | eq | 8.2.1 |
Related
githubexploit
githubexploit
Exploit for Cross-site Scripting in Rosariosis
2022-02-14 07:31:01
Exploit for Cross-site Scripting in Rosariosis
2022-01-27 18:34:00
cve
cve
CVE-2021-45416
2022-02-01 13:15:09
osv
osv
RosarioSIS XSS Vulnerability
2022-02-02 00:01:46
CVE-2021-45416
2022-02-01 13:15:09
prion
prion
Cross site scripting
2022-02-01 13:15:00
cvelist
cvelist
CVE-2021-45416
2022-02-01 12:44:53
github
github
RosarioSIS XSS Vulnerability
2022-02-02 00:01:46
nvd
nvd
CVE-2021-45416
2022-02-01 13:15:09