Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code.
CVE-2023-34599
Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v2500, which enable attackers to execute arbitrary Javascript code
Proof of Concept
Parameter allUsers
gibbonlocal/indexphp?q=/modules/Timetable Admin/courseEnrolment_manage_byPerson_editphp&gibbonPersonID=0000000001&gibbonSchoolYearID=025&type=