CVE-2020-13278

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-13278

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-13278.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-13278

Aliases

GHSA-4cx9-7xqc-2jxm

Published

2020-08-12T14:15:12Z

Modified

2024-10-12T05:26:08.425114Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System < 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request.

References

Affected packages

Git / github.com/francoisjacquet/rosariosis

Affected ranges

Type: GIT
Repo: https://github.com/francoisjacquet/rosariosis
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

0e9990a29b13f06ffe9b1057a0b5a46cb9aa151f

Type: GIT
Repo: https://gitlab.com/francoisjacquet/rosariosis
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

9cb4fec5fe177f1d3716708b46d1958eac477ebe

Affected versions

2.*

2.9.8

5.*

5.0-beta

v1.*

v1.2

v1.2.1

v1.2.2

v1.3

v1.3.1

v1.3.2

v2.*

v2.0

v2.0.1

v2.0.2

v2.0.3

v2.0b

v2.0b.2

v2.0b.3

v2.0b3

v2.0b4

v2.1

v2.1.1

v2.2

v2.2.1

v2.2.2

v2.2.3

v2.2.4

v2.2.5

v2.3

v2.3.1

v2.3.2

v2.3.3

v2.3.4

v2.4

v2.4.1

v2.5

v2.5.1

v2.5.2

v2.5.3

v2.5.3b

v2.5.4

v2.5.5

v2.5.6

v2.5.7

v2.5.8

v2.6

v2.6.1

v2.6.2

v2.6.3

v2.6.4

v2.6.5

v2.6.6

v2.7

v2.7-beta

v2.7.1

v2.7.2

v2.7.3

v2.8

v2.8-beta

v2.8-beta2

v2.8-beta3

v2.8-beta4

v2.8.1

v2.8.10

v2.8.11

v2.8.12

v2.8.13

v2.8.14

v2.8.15

v2.8.16

v2.8.17

v2.8.18

v2.8.19

v2.8.2

v2.8.20

v2.8.20bis

v2.8.21

v2.8.22

v2.8.23

v2.8.24

v2.8.25

v2.8.26

v2.8.27

v2.8.3

v2.8.3bis

v2.8.4

v2.8.5

v2.8.6

v2.8.7

v2.8.8

v2.8.9

v2.9

v2.9-beta1

v2.9.1

v2.9.10

v2.9.11

v2.9.12

v2.9.13

v2.9.14

v2.9.15

v2.9.2

v2.9.3

v2.9.4

v2.9.5

v2.9.6

v2.9.7

v2.9.8

v2.9.9

v3.*

v3.0

v3.0.1

v3.0.2

v3.1

v3.1.1

v3.1.2

v3.2

v3.3

v3.3-beta

v3.3.1

v3.3.2

v3.3.3

v3.3.4

v3.4

v3.4.1

v3.4.2

v3.4.3

v3.5

v3.5.1

v3.5.2

v3.5.3

v3.6

v3.6-beta

v3.6.1

v3.7

v3.7-beta

v3.7.1

v3.8

v3.8-beta

v3.8-beta2

v3.9

v3.9-beta

v3.9.1

v4.*

v4.0

v4.0-beta

v4.0-beta2

v4.0-beta3

v4.1

v4.2-beta

v4.3

v4.3-beta

v4.3.1

v4.4

v4.4-beta

v4.4-beta2

v4.5

v4.5-beta2

v4.5.1

v4.6

v4.6-beta

v4.7-beta2

v4.8-beta

v4.8-beta2

v4.9

v4.9-beta

v4.9.1

v5.*

v5.0

v5.0-beta2

v5.0-beta3

v5.0-beta4

v5.0.1

v5.0.2

v5.0.3

v5.0.4

v5.0.5

v5.1

v5.1-beta

v5.1.1

v5.2

v5.2-beta

v5.3

v5.3-beta

v5.4

v5.4-beta

v5.4.1

v5.4.2

v5.5

v5.5-beta

v5.5-beta2

v5.5-beta3

v5.5.1

v5.6

v5.6-beta

v5.6.1

v5.6.2

v5.6.3

v5.6.4

v5.6.5

v5.7

v5.7.1

v5.7.2

v5.7.3

v5.8

v5.8-beta

v5.8-beta2

v5.8-beta3

v5.8-beta4

v5.8-beta5

v5.9

v5.9-beta2

v5.9-beta3

v6.*

v6.0

v6.0-beta

v6.1

v6.2

v6.3

v6.4

v6.4.1

v6.4.2

v6.5

v6.5.1