RosarioSIS up to and including 6.8-beta allows modules/Custom/NotifyParents.php XSS because of the href attributes for AddStudents.php and User.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rosariosis rosariosis |
||
rosariosis rosariosis 6.8 |