17 matches found
CVE-2024-47097
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...
CVE-2024-47096
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do...
CVE-2024-47096
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do...
CVE-2024-47097
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...
CVE-2024-47097 Reflected Cross-Site Scripting in Follet School Solutions Destiny
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...
CVE-2024-47097 Reflected Cross-Site Scripting in Follet School Solutions Destiny
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...
CVE-2024-47097
Follet Destiny (Destiny Library Manager) by Follett School Solutions is affected by CVE-2024-47097. The vulnerability is a reflected Cross-Site Scripting (XSS) in which a remote attacker can run arbitrary client-side code via the site parameter of handleloginform.do, affecting versions before 22....
CVE-2024-47096 Reflected Cross-Site Scripting in Follet School Solutions Destiny
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do...
CVE-2024-47096
CVE-2024-47096 is a reflected cross-site scripting vulnerability in Follet School Solutions Destiny prior to v22.0.1 AU1. The issue allows a remote attacker to execute arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do. According to the NVD entry, the CVS...
CVE-2024-47096
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do...
PT-2026-44213
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...
PT-2026-44212
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do...
Follet School Solutions Destiny 安全漏洞
Follet School Solutions Destiny is a school solution from Follet, Inc. A security vulnerability exists in Follet School Solutions Destiny prior to version v22.0.1 AU1, which stems from arbitrary client-side code that can be run via the handleloginform.do's expiredSupportMessage parameter...
CVE-2023-38827
Cross Site Scripting vulnerability in Follet School Solutions Destiny v.2001AU4 and later allows a remote attacker to run arbitrary code via presentonesearchresultsform.do...
Follet School Solutions Destiny Security Breach
Follet School Solutions Destiny is a school solution from Follet School Solutions Destiny, Inc. A security vulnerability exists in Follet School Solutions Destiny v.2001AU4 and later versions that stems from the presence of a cross-site scripting XSS vulnerability. An attacker can run arbitrary...
CVE-2023-38826
A Cross Site Scripting XSS vulnerability exists in Follet Learning Solutions Destiny through 20.01U. via the handlewpesearchform.do. searchString...
PT-2023-26614 · Follett · Follet School Solutions Destiny
Name of the Vulnerable Software and Affected Versions: Follet School Solutions Destiny versions 20 0 1 AU4 and later Description: The issue allows a remote attacker to run arbitrary code via the "presentonesearchresultsform.do" API endpoint. This enables the execution of arbitrary code, potential...