Lucene search
PRIOn knowledge basePRION:CVE-2020-15716HistoryJul 15, 2020 - 7:15 p.m.
Input validation
2020-07-1519:15:00
PRIOn knowledge base
www.prio-n.com
1
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php script. A remote attacker could exploit this vulnerability using the tab parameter in a crafted URL.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rosariosis | eq | 6.7.2 |
References
exchange.xforce.ibmcloud.com/vulnerabilities/184942
gitlab.com/francoisjacquet/rosariosis/-/blob/mobile/CHANGES.md
gitlab.com/francoisjacquet/rosariosis/-/commit/89ae9de732024e3a2e99262aa98b400a1aa6975a
gitlab.com/francoisjacquet/rosariosis/-/issues/291
gitlab.com/francoisjacquet/rosariosis/-/tags/v6.8-beta
Related
cvelist
cvelist
CVE-2020-15716
2020-07-15 19:00:44
osv
osv
CVE-2020-15716
2020-07-15 19:15:12
cve
cve
CVE-2020-15716
2020-07-15 19:15:12
veracode
veracode
Cross-Site Scripting (XSS)
2020-07-16 04:14:57
nvd
nvd
CVE-2020-15716
2020-07-15 19:15:12