CVE-2024-27717

July 5, 2024, 5:15 p.m.

Product(s) Impacted

Eskooly Free Online School Management Software

3.0 and before

Description

Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component.

Weaknesses

Date

Published: July 5, 2024, 5:15 p.m.

Last Modified: July 5, 2024, 5:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://blog.be-hacktive.com/eskooly-cve/cve-2024-27717-cross-site-request-forgery-csrf-in-eskooly-web-product-less-than-v3.0