CourseMS (aka Course Registration Management System) 2.1 is affected by cross-site scripting (XSS). When an attacker with access to an Admin account creates a Job Title in the Site area (aka the admin/add_jobs.php name parameter), they can insert an XSS payload. This payload will execute whenever anyone visits the registration page.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-03T22:11:06.362Z

Reserved: 2021-03-31T00:00:00

Link: CVE-2021-29663

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-03-31T20:15:14.207

Modified: 2024-11-21T06:01:36.440

Link: CVE-2021-29663

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.