CVE-2020-15717

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-15717

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15717.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-15717

Published

2020-07-15T19:15:12.243Z

Modified

2025-12-09T11:59:47.862518Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Search.inc.php script. A remote attacker could exploit this vulnerability using the advanced parameter in a crafted URL.

References

Affected packages

Git / github.com/francoisjacquet/rosariosis

Affected ranges

Type: GIT
Repo: https://github.com/francoisjacquet/rosariosis
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15717.json"

Git / gitlab.com/francoisjacquet/rosariosis

Affected ranges

Type: GIT
Repo: https://gitlab.com/francoisjacquet/rosariosis
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

89ae9de732024e3a2e99262aa98b400a1aa6975a

Affected versions

2.*

2.9.8

5.*

5.0-beta

v1.*

v1.2

v1.2.1

v1.2.2

v1.3

v1.3.1

v1.3.2

v2.*

v2.0

v2.0.1

v2.0.2

v2.0.3

v2.0b

v2.0b.2

v2.0b.3

v2.0b3

v2.0b4

v2.1

v2.1.1

v2.2

v2.2.1

v2.2.2

v2.2.3

v2.2.4

v2.2.5

v2.3

v2.3.1

v2.3.2

v2.3.3

v2.3.4

v2.4

v2.4.1

v2.5

v2.5.1

v2.5.2

v2.5.3

v2.5.3b

v2.5.4

v2.5.5

v2.5.6

v2.5.7

v2.5.8

v2.6

v2.6.1

v2.6.2

v2.6.3

v2.6.4

v2.6.5

v2.6.6

v2.7

v2.7-beta

v2.7.1

v2.7.2

v2.7.3

v2.8

v2.8-beta

v2.8-beta2

v2.8-beta3

v2.8-beta4

v2.8.1

v2.8.10

v2.8.11

v2.8.12

v2.8.13

v2.8.14

v2.8.15

v2.8.16

v2.8.17

v2.8.18

v2.8.19

v2.8.2

v2.8.20

v2.8.20bis

v2.8.21

v2.8.22

v2.8.23

v2.8.24

v2.8.25

v2.8.26

v2.8.27

v2.8.3

v2.8.3bis

v2.8.4

v2.8.5

v2.8.6

v2.8.7

v2.8.8

v2.8.9

v2.9

v2.9-beta1

v2.9.1

v2.9.10

v2.9.11

v2.9.12

v2.9.13

v2.9.14

v2.9.15

v2.9.2

v2.9.3

v2.9.4

v2.9.5

v2.9.6

v2.9.7

v2.9.8

v2.9.9

v3.*

v3.0

v3.0.1

v3.0.2

v3.1

v3.1.1

v3.1.2

v3.2

v3.3

v3.3-beta

v3.3.1

v3.3.2

v3.3.3

v3.3.4

v3.4

v3.4.1

v3.4.2

v3.4.3

v3.5

v3.5.1

v3.5.2

v3.5.3

v3.6

v3.6-beta

v3.6.1

v3.7

v3.7-beta

v3.7.1

v3.8

v3.8-beta

v3.8-beta2

v3.9

v3.9-beta

v3.9.1

v4.*

v4.0

v4.0-beta

v4.0-beta2

v4.0-beta3

v4.1

v4.2-beta

v4.3

v4.3-beta

v4.3.1

v4.4

v4.4-beta

v4.4-beta2

v4.5

v4.5-beta2

v4.5.1

v4.6

v4.6-beta

v4.7-beta2

v4.8-beta

v4.8-beta2

v4.9

v4.9-beta

v4.9.1

v5.*

v5.0

v5.0-beta2

v5.0-beta3

v5.0-beta4

v5.0.1

v5.0.2

v5.0.3

v5.0.4

v5.0.5

v5.1

v5.1-beta

v5.1.1

v5.2

v5.2-beta

v5.3

v5.3-beta

v5.4

v5.4-beta

v5.4.1

v5.4.2

v5.5

v5.5-beta

v5.5-beta2

v5.5-beta3

v5.5.1

v5.6

v5.6-beta

v5.6.1

v5.6.2

v5.6.3

v5.6.4

v5.6.5

v5.7

v5.7.1

v5.7.2

v5.7.3

v5.8

v5.8-beta

v5.8-beta2

v5.8-beta3

v5.8-beta4

v5.8-beta5

v5.9

v5.9-beta2

v5.9-beta3

v6.*

v6.0

v6.0-beta

v6.1

v6.2

v6.3

v6.4

v6.4.1

v6.4.2

v6.5

v6.5.1

v6.5.2

v6.6

v6.6.1

v6.7

v6.7.1

v6.7.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15717.json"