MEDIUM
Follet School Solutions
CVE published 2026-05-28
CVE-2024-47097
A reflected cross-site scripting (XSS) vulnerability exists in Follett School Solutions Destiny Library Manager versions prior to v22.0.1 AU1. The vulnerability resides in the `site` parameter of the `handleloginform.do` endpoint, allowing remote attackers to inject and execute arbitrary client-side code in a victim's browser context. The CVSS 4.0 vector indicates network attack vector with low attack com [truncated]