2 matches found
CVE-2021-44565
A Cross Site Scripting XSS vulnerability exists in RosarioSIS before 7.6.1 via the xssclean function in classes/Security.php, which allows remote malicious users to inject arbitrary JavaScript or HTML. An example of affected components are all Markdown input fields...
CVE-2021-44565
RosarioSIS is affected by a Cross-Site Scripting (XSS) vulnerability in versions prior to 7.6.1, exposed through the xss_clean function in classes/Security.php. The issue allows remote attackers to inject arbitrary JavaScript or HTML, with all Markdown input fields identified as affected componen...