VYPR
Moderate severityNVD Advisory· Published Feb 22, 2022· Updated Aug 4, 2024

CVE-2021-44565

CVE-2021-44565

Description

A Cross Site Scripting (XSS) vulnerability exists in RosarioSIS before 7.6.1 via the xss_clean function in classes/Security.php, which allows remote malicious users to inject arbitrary JavaScript or HTML. An example of affected components are all Markdown input fields.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
francoisjacquet/rosariosisPackagist
< 7.6.17.6.1

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.