A blind XSS vulnerability exists in Web-School ERP V 5.0 via (Add Events) in event name and description fields. An attacker can inject a JavaScript code that will be stored in the page. If any visitor sees the event, then the payload will be executed and sends the victim's information to the attacker website.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-08T11:12:20
Updated: 2024-08-03T22:24:59.370Z
Reserved: 2021-04-02T00:00:00
Link: CVE-2021-30113
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-04-08T12:15:12.650
Modified: 2024-11-21T06:03:19.800
Link: CVE-2021-30113
Redhat
No data.