CVE-2017-7389
CVE-2017-7389 affects Open eClass Release_3.5.4. The vulnerability is a Cross-Site Scripting (XSS) due to insufficient filtering of user-supplied data (meeting_id, user) passed to the openeclass-master/modules/tc/webconf/webconf.php URL. An attacker could cause the browser to execute arbitrary HT...