Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user.
- https://github.com/G37SYS73M/Advisory_G37SYS73M/blob/main/CVE-2022-46087/poc.md
- https://github.com/ARPSyndicate/cvemon
- https://github.com/G37SYS73M/CVE-2022-46087
- https://github.com/nomi-sec/PoC-in-GitHub