admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-38883.md
0xMarcio 7490dda3bb Update CVE sources 2024-06-23 04:42
2024-06-23 04:42:52 +00:00

18 lines
782 B
Markdown
Raw Permalink Blame History

### [CVE-2023-38883](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38883)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'ajax' parameter in 'ParentLookup.php'.
### POC
#### Reference
- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38883
#### Github
No PoCs found on GitHub currently.
Reference in New Issue View Git Blame Copy Permalink