Title | RosarioSIS RosarioSIS Student Information System v11.5.1 stored XSS at add portal note |
---|
Description | Product: RosarioSIS Student Information System
Product Link: https://github.com/francoisjacquet/rosariosis/
A vulnerability pertaining to Stored Cross-site Scripting (XSS) has been identified in version 11.5.1 of Rosariosis at modname=School_setup/portalnotes.php. This flaw enables attackers to upload a malicious PDF file containing JavaScript code. Subsequently, this code may be triggered upon viewing the PDF. |
---|
Source | ⚠️ https://powerful-bulb-c36.notion.site/Stored-xss-via-malicious-PDF-upload-98fb1ea6b9bf4ddfaf04d61b2c05410a |
---|
User | louay khammassi (ID 67114) |
---|
Submission | 03/30/2024 02:43 AM (6 months ago) |
---|
Moderation | 04/01/2024 06:47 PM (3 days later) |
---|
Status | Accepted |
---|
VulDB Entry | 258911 |
---|
Points | 20 |
---|