CVE-2017-7389

Multiple Cross-Site Scripting XSS were discovered in 'openeclass Release3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data meetingid, user passed to the 'openeclass-master/modules/tc/webconf/webconf.php' URL. An attacker could execute arbitrary HTML and script...

CVE-2017-7389

CVE-2017-7389 affects Open eClass Release_3.5.4. The vulnerability is a Cross-Site Scripting (XSS) due to insufficient filtering of user-supplied data (meeting_id, user) passed to the openeclass-master/modules/tc/webconf/webconf.php URL. An attacker could cause the browser to execute arbitrary HT...