Filtered by vendor Classlink
Subscriptions
Filtered by product Oneclick
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-48612 | 1 Classlink | 1 Oneclick | 2024-09-16 | 6.1 Medium |
| A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.7 allows remote attackers to inject JavaScript into any webpage, because a regular expression (validating whether a URL is controlled by ClassLink) is not present in all applicable places. | ||||
| CVE-2023-45889 | 1 Classlink | 1 Oneclick | 2024-08-02 | 6.1 Medium |
| A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.8 allows remote attackers to inject JavaScript into any webpage. NOTE: this issue exists because of an incomplete fix for CVE-2022-48612. | ||||
Page 1 of 1.