CVE-2022-46087

CloudSchool v3.0.1 is affected by Cross-Site Scripting (XSS) via admin notifications, allowing a normal user to steal admin session cookies. The issue is documented with a PoC and public advisories; exploitation exists in reported PoCs. Remediation: upgrade to a version that includes a fix for th...