Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the expiredSupportMessage parameter of handleloginform.do.
Metrics
Affected Vendors & Products
References
History
Tue, 08 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Follet School Solutions
Follet School Solutions destiny |
|
CPEs | cpe:2.3:a:follet_school_solutions:destiny:*:*:*:*:*:*:*:* | |
Vendors & Products |
Follet School Solutions
Follet School Solutions destiny |
|
Metrics |
ssvc
|
Tue, 08 Oct 2024 08:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the expiredSupportMessage parameter of handleloginform.do. | |
Title | Reflected Cross-Site Scripting in Follet School Solutions Destiny | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: securin
Published: 2024-10-08T07:49:56.847Z
Updated: 2024-10-08T13:55:09.799Z
Reserved: 2024-09-18T15:52:22.556Z
Link: CVE-2024-47095
Vulnrichment
Updated: 2024-10-08T13:55:04.443Z
NVD
Status : Awaiting Analysis
Published: 2024-10-08T08:15:02.237
Modified: 2024-10-10T12:56:30.817
Link: CVE-2024-47095
Redhat
No data.