4 matches found
CVE-2024-28095
News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...
CVE-2024-28095 Stored Cross-site Scripting in News functionality in Schoolbox
News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...
CVE-2024-28095 Stored Cross-site Scripting in News functionality in Schoolbox
News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...
CVE-2024-28095
CVE-2024-28095 affects Schoolbox: stored cross-site scripting in the News functionality for versions prior to 23.1.3. The flaw originates in News where user input can be stored and executed in an authenticated user’s context, enabling the attacker to perform security actions. A patch is available...