7 matches found
Cross-site Scripting in RosarioSIS
RosarioSIS through 6.8-beta allows modules/Custom/NotifyParents.php XSS because of the href attributes for AddStudents.php and User.php...
GHSA-6VC5-V7HW-H5H2 Cross-site Scripting in RosarioSIS
RosarioSIS through 6.8-beta allows modules/Custom/NotifyParents.php XSS because of the href attributes for AddStudents.php and User.php...
CVE-2020-15721
RosarioSIS through 6.8-beta allows modules/Custom/NotifyParents.php XSS because of the href attributes for AddStudents.php and User.php...
CVE-2020-15721
RosarioSIS through 6.8-beta allows modules/Custom/NotifyParents.php XSS because of the href attributes for AddStudents.php and User.php...
Design/Logic Flaw
RosarioSIS through 6.8-beta allows modules/Custom/NotifyParents.php XSS because of the href attributes for AddStudents.php and User.php...
CVE-2020-15721
CVE-2020-15721 affects RosarioSIS up to 6.8-beta. A cross-site scripting (XSS) issue is caused by the href attributes in modules/Custom/NotifyParents.php affecting AddStudents.php and User.php. The connected documents do not provide a patch version, workaround, or explicit exploitation details. N...
CVE-2020-15721
RosarioSIS through 6.8-beta allows modules/Custom/NotifyParents.php XSS because of the href attributes for AddStudents.php and User.php...