CVE-2023-1356 Information

Description

Reflected cross-site scripting in the StudentSearch component in IDAttend’s IDWeb application 3.1.052 and earlier allows hijacking of a user’s browsing session by attackers who have convinced the said user to click on a malicious link.

Reference

https://www.themissinglink.com.au/security-advisories/cve-2023-1356