CVE-2020-13278

Summary

Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System < 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request.

Affected Software

VendorProductVersion RangeStatus
RosarioSISRosarioSIS=6.5.1affected

Weaknesses

  • Improper neutralization of input during web page generation ('cross-site scripting') in RosarioSIS

ADP Enrichment

CVE Program Container

Additional References

References