Follet School Solutions Destiny 安全漏洞

Follet School Solutions Destiny is a school solution from Follet, Inc. A security vulnerability exists in Follet School Solutions Destiny prior to version v22.0.1 AU1, which stems from arbitrary client-side code that can be run via the handleloginform.do's expiredSupportMessage parameter...

PT-2024-32407 · Follett · Follet School Solutions Destiny

Name of the Vulnerable Software and Affected Versions: Follet School Solutions Destiny versions prior to 22.0.1 AU1 Description: The issue allows a remote attacker to run arbitrary client-side code via the expiredSupportMessage parameter of the "handleloginform.do" endpoint. This enables the...