CVE-2022-27041

Publication date

2022-04-11 13:36:03

Family

mitre

State

PUBLISHED

Description

Due to lack of protection, parameter student_id in OpenSIS Classic 8.0 /modules/eligibility/Student.php can be used to inject SQL queries to extract information from databases.