Lucene search
MitreCVELIST:CVE-2020-15717HistoryJul 15, 2020 - 7:01 p.m.
CVE-2020-15717
2020-07-1519:01:43
mitre
www.cve.org
0.002 Low
EPSS
Percentile
51.4%
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Search.inc.php script. A remote attacker could exploit this vulnerability using the advanced parameter in a crafted URL.
References
exchange.xforce.ibmcloud.com/vulnerabilities/184943
gitlab.com/francoisjacquet/rosariosis/-/blob/mobile/CHANGES.md
gitlab.com/francoisjacquet/rosariosis/-/commit/89ae9de732024e3a2e99262aa98b400a1aa6975a
gitlab.com/francoisjacquet/rosariosis/-/issues/291
gitlab.com/francoisjacquet/rosariosis/-/tags/v6.8-beta
Related
cve
cve
CVE-2020-15717
2020-07-15 19:15:12
nvd
nvd
CVE-2020-15717
2020-07-15 19:15:12
prion
prion
Input validation
2020-07-15 19:15:00
osv
osv
CVE-2020-15717
2020-07-15 19:15:12