CVE-2024-28097 Information

Description

Calendar functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users.

Reference

https://www.themissinglink.com.au/security-advisories/cve-2024-28097 https://schoolbox.education/