Pearson eSIS 'loginverification.aspx'跨站脚本漏洞

Bugtraq ID:66562 CVE ID:CVE-2014-1942 Pearson eSIS Enterprise Student Information System是一个相关学生信息系统的管理系统。 Pearson eSIS Enterprise Student Information System /aal/loginverification.aspx存在反射型跨站脚本漏洞，允许攻击者构建恶意URI，诱使用户解析，可获取敏感信息或劫持用户会话。 0 Pearson eSIS 目前没有详细解决方案：...

Pearson eSIS Enterprise Student Information System XSS vulnerability

Overview Pearson eSIS Enterprise Student Information System contains a XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'Pearson eSIS Enterprise Student Information System contains a reflected cross-site scripting vulnerabilit...