7 matches found
EUVD-2022-0900
Malicious code in bioql PyPI...
GHSA-3756-HWHV-QW58 Cross site scripting in francoisjacquet/rosariosis
A Cross Site Scripting vulnerability exists RosarioSIS before 4.3 via the SanitizeMarkDown function in ProgramFunctions/MarkDownHTML.fnc.php...
Cross site scripting in francoisjacquet/rosariosis
A Cross Site Scripting vulnerability exists RosarioSIS before 4.3 via the SanitizeMarkDown function in ProgramFunctions/MarkDownHTML.fnc.php...
GHSA-82RR-MQ4R-P4R3 SQL injection in francoisjacquet/rosariosis
An SQL Injection vulnerability exits in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php...
CVE-2021-44566
A Cross Site Scripting XSS vulnerability exists in RosarioSIS before 4.3 via the SanitizeMarkDown function in ProgramFunctions/MarkDownHTML.fnc.php...
CVE-2021-44567
An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php...
CVE-2021-44566
RosarioSIS contains a Cross-Site Scripting (XSS) vulnerability in the SanitizeMarkDown function (ProgramFunctions/MarkDownHTML.fnc.php) affecting versions before 4.3. The issue is documented in CVE-2021-44566 with an XSS vector via the markdown sanitization routine. Public references corroborate ...