CourseMS (aka Course Registration Management System) 2.1 is affected by cross-site scripting (XSS). When an attacker with access to an Admin account creates a Job Title in the Site area (aka the admin/add_jobs.php name parameter), they can insert an XSS payload. This payload will execute whenever anyone visits the registration page.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-03-31T19:03:37

Updated: 2024-08-03T22:11:06.362Z

Reserved: 2021-03-31T00:00:00

Link: CVE-2021-29663

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-03-31T20:15:14.207

Modified: 2024-11-21T06:01:36.440

Link: CVE-2021-29663

cve-icon Redhat

No data.