CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-28095

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.9%

CVSS Severity

CVSS v3 Score 7.3

References

https://schoolbox.education/
https://www.themissinglink.com.au/security-advisories/cve-2024-28095
https://schoolbox.education/
https://www.themissinglink.com.au/security-advisories/cve-2024-28095

Products affected by CVE-2024-28095

Schoolbox » Schoolbox » Version: N/A

cpe:2.3:a:schoolbox:schoolbox:-
Schoolbox » Schoolbox » Version: 21.0.2

cpe:2.3:a:schoolbox:schoolbox:21.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-28095

Products

Pricing

Contact Us