CVE-2020-15718
CVE-2020-15718
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php script. A remote attacker could exploit this vulnerability using the include_inactive parameter in a crafted URL.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/52449unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://exchange.xforce.ibmcloud.com/vulnerabilities/184944https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2020-15718.mdhttps://gitlab.com/francoisjacquet/rosariosis/-/blob/mobile/CHANGES.mdhttps://gitlab.com/francoisjacquet/rosariosis/-/commit/89ae9de732024e3a2e99262aa98b400a1aa6975ahttps://gitlab.com/francoisjacquet/rosariosis/-/issues/291https://gitlab.com/francoisjacquet/rosariosis/-/tags/v6.8-beta