CVE-2024-28095 Information

Description

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users.

Reference

https://www.themissinglink.com.au/security-advisories/cve-2024-28095 https://schoolbox.education/