Cross-Site Scripting (XSS) Vulnerability in OS4ED openSIS 8.0's EmailCheckOthers.php

Cross-Site Scripting (XSS) Vulnerability in OS4ED openSIS 8.0's EmailCheckOthers.php

CVE-2021-40637 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

OS4ED openSIS 8.0 is affected by cross-site scripting (XSS) in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user.

Learn more about our User Device Pen Test.