G37SYS73M/Advisory_G37SYS73M

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-46087 ↗	Jan 30, 2023Monday, 30 January 2023, 15:15	5.4 MEDIUM	—
CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user.
CVE-2022-36193 ↗	Nov 28, 2022Monday, 28 November 2022, 13:15	9.8 CRITICAL	—
SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.