Vulnerabilities
Vulnerable Software
Powerschool:  Security Vulnerabilities
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting (XSS). This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after the login URL and have it be eval()'d in the page and execute in the context of the user.
CVSS Score
5.7
EPSS Score
0.001
Published
2026-06-16
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
CVSS Score
9.8
EPSS Score
0.012
Published
2019-10-15


Contact Us

Shodan ® - All rights reserved