CourseMS (aka Course Registration Management System) 2.1 is affected by cross-site scripting (XSS). When an attacker with access to an Admin account creates a Job Title in the Site area (aka the admin/add_jobs.php name parameter), they can insert an XSS payload. This payload will execute whenever anyone visits the registration page.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2021-03-31T19:03:37
Updated: 2024-08-03T22:11:06.362Z
Reserved: 2021-03-31T00:00:00
Link: CVE-2021-29663

No data.

Status : Modified
Published: 2021-03-31T20:15:14.207
Modified: 2024-11-21T06:01:36.440
Link: CVE-2021-29663

No data.