Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2020-15718

Disclosure Date: July 15, 2020 (last updated February 21, 2025)
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php script. A remote attacker could exploit this vulnerability using the include_inactive parameter in a crafted URL.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-15716

Disclosure Date: July 15, 2020 (last updated February 21, 2025)
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php script. A remote attacker could exploit this vulnerability using the tab parameter in a crafted URL.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-15717

Disclosure Date: July 15, 2020 (last updated February 21, 2025)
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Search.inc.php script. A remote attacker could exploit this vulnerability using the advanced parameter in a crafted URL.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0