Lucene search
K

4 matches found

NVD
NVD
added 2024/03/07 4:15 a.m.22 views

CVE-2024-28095

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...

7.3CVSS6.8AI score0.00331EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/07 3:17 a.m.9 views

CVE-2024-28095 Stored Cross-site Scripting in News functionality in Schoolbox

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...

7.3CVSS6.1AI score0.00331EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/07 3:17 a.m.22 views

CVE-2024-28095 Stored Cross-site Scripting in News functionality in Schoolbox

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...

7.3CVSS7AI score0.00331EPSS
Exploits0References2
CVE
CVE
added 2024/03/07 3:17 a.m.61 views

CVE-2024-28095

CVE-2024-28095 affects Schoolbox: stored cross-site scripting in the News functionality for versions prior to 23.1.3. The flaw originates in News where user input can be stored and executed in an authenticated user’s context, enabling the attacker to perform security actions. A patch is available...

7.3CVSS6.9AI score0.00331EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder