CVE-2014-9126
CVE-2014-9126 affects Open-School Community Edition 2.2. The vulnerability is described as multiple cross-site scripting (XSS) issues that allow remote attackers to inject arbitrary script/HTML via the YII_CSRF_TOKEN HTTP cookie or through the StudentDocument, StudentCategories, and StudentPrevio...