Rosariosis: >> Rosariosis >> 8.2.1 Security Vulnerabilities
Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-05-12
Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3.
CVSS Score
4.6
EPSS Score
0.001
Published
2023-04-21
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository francoisjacquet/rosariosis prior to 10.8.2.
CVSS Score
8.1
EPSS Score
0.007
Published
2023-02-24
Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0.
CVSS Score
8.1
EPSS Score
0.001
Published
2022-09-06
Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 8.9.3.
CVSS Score
8.0
EPSS Score
0.002
Published
2022-09-01
SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0.
CVSS Score
8.8
EPSS Score
0.008
Published
2022-06-13
Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.1.
CVSS Score
9.0
EPSS Score
0.004
Published
2022-06-09
Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-06-08
Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the search_term parameter in the modules/Scheduling/Courses.php script.
CVSS Score
6.1
EPSS Score
0.231
Published
2022-02-01