Follet School Solutions Destiny vulnerable to Cross-Site Scripting Attacks
CVE-2024-47095

Currently unrated

Key Information:

Vendor: Follet School Solutions
Status: Destiny
Vendor: CVE Published:; 8 October 2024

🔔 Create Follet School Solutions Vulnerability Alert

What is CVE-2024-47095?

Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the expiredSupportMessage parameter of handleloginform.do.

Affected Version(s)

Destiny 0 < 22.0.1 AU1

References

https://www.securin.io/zerodays/cve-2024-47095-reflected-...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 8, 2024
Vulnerability Reserved
Sep 18, 2024

CVE-2024-47095 Data

JSON