Lucene search
GoogleOSV:CVE-2020-15718HistoryJul 15, 2020 - 8:15 p.m.
CVE-2020-15718
2020-07-1520:15:13
Google
osv.dev
2
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php script. A remote attacker could exploit this vulnerability using the include_inactive parameter in a crafted URL.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rosariosis | eq | 2.8.27 | |
| rosariosis | eq | 5.6.3 | |
| rosariosis | eq | 4.4-beta | |
| rosariosis | eq | 2.5.3 | |
| rosariosis | eq | 5.0.1 | |
| rosariosis | eq | 6.5 | |
| rosariosis | eq | 2.9.4 | |
| rosariosis | eq | 2.8.21 | |
| rosariosis | eq | 5.7.1 | |
| rosariosis | eq | 5.4 |
References
exchange.xforce.ibmcloud.com/vulnerabilities/184944
gitlab.com/francoisjacquet/rosariosis/-/blob/mobile/CHANGES.md
gitlab.com/francoisjacquet/rosariosis/-/commit/89ae9de732024e3a2e99262aa98b400a1aa6975a
gitlab.com/francoisjacquet/rosariosis/-/issues/291
gitlab.com/francoisjacquet/rosariosis/-/tags/v6.8-beta
Related
veracode
veracode
Cross-Site Scripting (XSS)
2020-07-16 04:06:17
prion
prion
Input validation
2020-07-15 20:15:00
cve
cve
CVE-2020-15718
2020-07-15 20:15:13
nvd
nvd
CVE-2020-15718
2020-07-15 20:15:13
cvelist
cvelist
CVE-2020-15718
2020-07-15 19:02:52