जमा करें #786154: Craig A Rodway classroombookings 2.16.4 Stored Cross-Site Scripting (XSS)जानकारी

शीर्षक	Craig A Rodway classroombookings 2.16.4 Stored Cross-Site Scripting (XSS)
विवरण	A stored cross-site scripting (XSS) vulnerability in Classroom Bookings v2.16.4 allows authenticated users with the Teacher role to inject arbitrary JavaScript via the Display Name field in the profile settings. The malicious payload is stored and executed when the affected data is rendered, leading to execution of attacker-controlled scripts in other users’ browsers.
स्रोत	⚠️ https://github.com/sudo-secure/security-research/blob/main/classroombookings/stored-xss/PoC.md
उपयोगकर्ता	sudosme (UID 96548)
सबमिशन	23/03/2026 01:54 PM (26 दिन पहले)
संयम	17/04/2026 08:58 AM (25 days later)
स्थिति	स्वीकृत
VulDB प्रविष्टि	358027 [classroombookings तक 2.17.0 User Display Name layout.php read displayname क्रॉस साइट स्क्रिप्टिंग]
अंक	18

Do you know our Splunk app?

Download it now for free!