Vulnerability Details CVE-2019-1010028
phpscriptsmall.com School College Portal with ERP Script 2.6.1 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Attack administrators and teachers, students and more. The component is: /pro-school/index.php?student/message/send_reply/. The attack vector is: <img src=x onerror=alert(document.domain) />.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2019-1010028
-
School College Portal With Erp Script Project » School College Portal With Erp Script » Version: 2.6.1cpe:2.3:a:school_college_portal_with_erp_script_project:school_college_portal_with_erp_script:2.6.1