← voltar
CVE-2021-30113

CVE-2021-30113

EPSS 0.9%
A blind XSS vulnerability exists in Web-School ERP V 5.0 via (Add Events) in event name and description fields. An attacker can inject a JavaScript code that will be stored in the page. If any visitor sees the event, then the payload will be executed and sends the victim's information to the attacker website.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/0xrayan/CVEs/issues/1https://web-school.in/try-demo/http://web-school.in