OSclass 2.3.3 Cross Site Scripting / SQL Injection

Advisory ID: HTB23068 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinosclass.html Product: OSclass Vendor: osclass.org http://osclass.org/ Vulnerable Version: 2.3.3 and probably prior Tested Version: 2.3.3 Vendor Notification: 04 January 2012 Vendor Patch: 16 January 2012...