Moderate severityNVD Advisory· Published Aug 12, 2020· Updated Aug 4, 2024
CVE-2020-13278
CVE-2020-13278
Description
Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System < 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
francoisjacquet/rosariosisPackagist | < 6.5.1 | 6.5.1 |
Affected products
2- Range: =6.5.1
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-4cx9-7xqc-2jxmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-13278ghsaADVISORY
- gitlab.com/francoisjacquet/rosariosis/-/commit/9cb4fec5fe177f1d3716708b46d1958eac477ebeghsax_refsource_MISCWEB
- gitlab.com/francoisjacquet/rosariosis/-/issues/282ghsax_refsource_MISCWEB
- gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13278.jsonghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.