3 matches found
Pearson eSIS 'loginverification.aspx'跨站脚本漏洞
Bugtraq ID:66562 CVE ID:CVE-2014-1942 Pearson eSIS Enterprise Student Information System是一个相关学生信息系统的管理系统。 Pearson eSIS Enterprise Student Information System /aal/loginverification.aspx存在反射型跨站脚本漏洞,允许攻击者构建恶意URI,诱使用户解析,可获取敏感信息或劫持用户会话。 0 Pearson eSIS 目前没有详细解决方案:...
CVE-2014-1942
Pearson eSIS Enterprise Student Information System contains a reflected XSS vulnerability in /aal/loginverification.aspx. The issue allows remote attackers to inject arbitrary script via unspecified vectors, potentially affecting the user’s browser context. The publicly available sources identify...
Pearson eSIS Enterprise Student Information System XSS vulnerability
Overview Pearson eSIS Enterprise Student Information System contains a XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'Pearson eSIS Enterprise Student Information System contains a reflected cross-site scripting vulnerabilit...