MidnightBSD

Advisories for cloudschool_project

CVE-2022-46087

CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user.

Products Affected

Vendor Product Version
cloudschool_project cloudschool 3.0.1