The Easy Student Results WordPress plugin through 2.2.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/3f4e8fe5-1c92-49ad-b709-a40749c80596 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2022-08-15 04:21
Updated : 2022-08-16 10:45
NVD link : CVE-2022-2378
Mitre link : CVE-2022-2378
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
easy_student_results_project
- easy_student_results