Vulnerabilities > Schoolbox

DATE CVE VULNERABILITY TITLE RISK
2022-10-31 CVE-2022-39020 Cross-site Scripting vulnerability in Schoolbox 21.0.2
Multiple instances of XSS (stored and reflected) was found in the application.
network
low complexity
schoolbox CWE-79
6.1
2022-10-31 CVE-2022-3059 SQL Injection vulnerability in Schoolbox 21.0.2
The application was vulnerable to multiple instances of SQL injection (authenticated and unauthenticated) through a vulnerable parameter.
network
low complexity
schoolbox CWE-89
7.5