Описание
Cross-site Scripting in RosarioSIS
RosarioSIS through 6.8-beta allows modules/Custom/NotifyParents.php XSS because of the href attributes for AddStudents.php and User.php.
Пакеты
Наименование
francoisjacquet/rosariosis
composer
Затронутые версииВерсия исправления
< 6.8
6.8
Связанные уязвимости
CVSS3: 6.1
nvd
больше 5 лет назад
RosarioSIS through 6.8-beta allows modules/Custom/NotifyParents.php XSS because of the href attributes for AddStudents.php and User.php.