PowerSchool Mobile

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-12425	PowerSchool PowerSchool Mobile	Med	0.37	—	—		Jun 16, 2026	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting (XSS). This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after…
CVE-2019-17396	PowerSchool PowerSchool Mobile		0.00	—	0.01		Oct 15, 2019	In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.

CVE-2026-12425MedJun 16, 2026
PowerSchool
PowerSchool Mobile
risk 0.37cvss —epss —
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting (XSS). This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after…
CVE-2019-17396Oct 15, 2019
PowerSchool
PowerSchool Mobile
risk 0.00cvss —epss 0.01
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.