2 matches found
CVE-2023-38827
Summary: CVE-2023-38827 is a cross-site scripting vulnerability in Follet School Solutions Destiny (v.20_0_1_AU4 and later) that enables a remote attacker to run arbitrary code via the API endpoint presentonesearchresultsform.do . The connected documents confirm the affected product/version range...
CVE-2023-38826
CVE-2023-38826 — Follett Destiny (through 20.0 1U) is a Cross Site Scripting (XSS) issue exploitable via the handlewpesearchform.do endpoint, specifically through the searchString parameter. The PT-2023-26613 entry confirms affected software and versions and provides concrete exploit context, inc...