Security Advisory

CVE-2021-3262

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-29 00:00:00

Last updated 2024-10-02 14:57:43

Assigner mitre

State PUBLISHED

Description

TripSpark VEO Transportation-2.2.x-XP_BB-20201123-184084 NovusEDU-2.2.x-XP_BB-20201123-184084 allows unsafe data inputs in POST body parameters from end users without sanitizing using server-side logic. It was possible to inject custom SQL commands into the "Student Busing Information" search queries.

← Browse all CVEs View on cve.org ↗