CVE-2021-44266

2022-06-1115:15:08

Google

osv.dev

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.2%

JSON

GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter.

CPENameOperatorVersion
openeclasseqRelease_3.10.2
openeclasseqRelease_3.4.4
openeclasseqRelease_3.10
openeclasseqRelease_3.4
openeclasseqRelease_3.8.3
openeclasseqRelease_3.2.1
openeclasseqRelease_3.3
openeclasseqRelease_3.0
openeclasseqRelease_3.7
openeclasseqRelease_3.7.1

Name	Operator	Version
openeclass	eq	Release_3.10.2
openeclass	eq	Release_3.4.4
openeclass	eq	Release_3.10
openeclass	eq	Release_3.4
openeclass	eq	Release_3.8.3
openeclass	eq	Release_3.2.1
openeclass	eq	Release_3.3
openeclass	eq	Release_3.0
openeclass	eq	Release_3.7
openeclass	eq	Release_3.7.1