Open-School: >> Open-School >> 2.3 Security Vulnerabilities
Open-School 3.0, and Community Edition 2.3, allows SQL Injection via the index.php?r=students/students/document id parameter.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-08
Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/index.php?r=students/guardians/create id parameter.
CVSS Score
6.1
EPSS Score
0.136
Published
2019-08-06