RSS   Vulnerabilities for 'Gibbon'   RSS

2022-02-03
 
CVE-2022-23871

CWE-79
 
 
Multiple cross-site scripting (XSS) vulnerabilities in the component outcomes_addProcess.php of Gibbon CMS v22.0.01 allow attackers to execute arbitrary web scripts or HTML via a crafted payload insterted into the name, category, description parameters.

 
2022-01-28
 
CVE-2022-22868

CWE-79
 
 
Gibbon CMS v22.0.01 was discovered to contain a cross-site scripting (XSS) vulnerability, that allows attackers to inject arbitrary script via name parameters.

 
2021-09-03
 
CVE-2021-40492

CWE-79
 
 
A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php).

 

Copyright 2024, cxsecurity.com

 

Back to Top