CVE-2026-5010 Reflected Cross-Site Scripting (XSS) in Sanoma’s Clickedu

A reflected Cross-Site Scripting XSS vulnerability has been discovered in Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim’s browser by sending them a malicious URL using the endpoint “/user.php/”. This vulnerability can be exploited to steal sensitive user...

CVE-2026-5010 Reflected Cross-Site Scripting (XSS) in Sanoma’s Clickedu

A reflected Cross-Site Scripting XSS vulnerability has been discovered in Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim’s browser by sending them a malicious URL using the endpoint “/user.php/”. This vulnerability can be exploited to steal sensitive user...

CVE-2025-41070

Reflected Cross-site Scripting XSS vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetesvaries.php'. This vulnerability can be exploited to steal sensitive user data, such...

CVE-2025-41070

Reflected Cross-site Scripting XSS vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetesvaries.php'. This vulnerability can be exploited to steal sensitive user data, such...

CVE-2025-41070 Reflected Cross-site Scripting (XSS) in Sanoma's Clickedu

Reflected Cross-site Scripting XSS vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetesvaries.php'. This vulnerability can be exploited to steal sensitive user data, such...

CVE-2025-41070 Reflected Cross-site Scripting (XSS) in Sanoma's Clickedu

Reflected Cross-site Scripting XSS vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetesvaries.php'. This vulnerability can be exploited to steal sensitive user data, such...

EUVD-2025-199980

Reflected Cross-site Scripting XSS vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetesvaries.php'. This vulnerability can be exploited to steal sensitive user data, such...

CVE-2025-41070

CVE-2025-41070 describes a reflected XSS in Sanoma’s Clickedu. The vulnerability exists in the web path /students/carpetes_varies.php , enabling an attacker to execute JavaScript in a victim’s browser, potentially stealing session cookies or performing actions on behalf of the user. Connected sou...

Sanoma Clickedu 跨站脚本漏洞

Sanoma Clickedu is a comprehensive education management software platform from the Finnish company Sanoma. A cross-site scripting vulnerability exists in Sanoma Clickedu, which stems from reflected cross-site scripting in /students/carpetesvaries.php, which could lead to the execution of maliciou...

PT-2025-48436

Reflected Cross-site Scripting XSS vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetes varies.php'. This vulnerability can be exploited to steal sensitive user data, suc...