A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'include' parameter in 'ForExport.php'
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-20T00:00:00
Updated: 2024-08-02T17:54:39.203Z
Reserved: 2023-07-25T00:00:00
Link: CVE-2023-38882
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-11-20T19:15:08.683
Modified: 2024-11-21T08:14:21.527
Link: CVE-2023-38882
Redhat
No data.