2 matches found
CVE-2022-46087
CloudSchool v3.0.1 is vulnerable to Cross Site Scripting XSS. A normal user can steal session cookies of the admin users through notification received by the admin user...
CVE-2022-46087
CloudSchool v3.0.1 is affected by Cross-Site Scripting (XSS) via admin notifications, allowing a normal user to steal admin session cookies. The issue is documented with a PoC and public advisories; exploitation exists in reported PoCs. Remediation: upgrade to a version that includes a fix for th...