Follett School Solutions
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-38827 | Med | 0.40 | 6.1 | 0.00 | Jan 9, 2024 | Cross Site Scripting vulnerability in Follet School Solutions Destiny v.20_0_1_AU4 and later allows a remote attacker to run arbitrary code via presentonesearchresultsform.do. | ||
| CVE-2023-38826 | Med | 0.40 | 6.1 | 0.00 | Dec 25, 2023 | A Cross Site Scripting (XSS) vulnerability exists in Follet Learning Solutions Destiny through 20.0_1U. via the handlewpesearchform.do. searchString. | ||
| CVE-2024-47097 | Med | 0.33 | — | 0.00 | May 28, 2026 | Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do. | ||
| CVE-2024-47096 | Med | 0.33 | — | 0.00 | May 28, 2026 | Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do. | ||
| CVE-2024-47095 | Med | 0.33 | — | 0.01 | Oct 8, 2024 | Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the expiredSupportMessage parameter of handleloginform.do. |
- risk 0.40cvss 6.1epss 0.00
Cross Site Scripting vulnerability in Follet School Solutions Destiny v.20_0_1_AU4 and later allows a remote attacker to run arbitrary code via presentonesearchresultsform.do.
- risk 0.40cvss 6.1epss 0.00
A Cross Site Scripting (XSS) vulnerability exists in Follet Learning Solutions Destiny through 20.0_1U. via the handlewpesearchform.do. searchString.
- risk 0.33cvss —epss 0.00
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do.
- risk 0.33cvss —epss 0.00
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do.
- risk 0.33cvss —epss 0.01
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the expiredSupportMessage parameter of handleloginform.do.