UBIT Information Technologies CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM UBIT Information Technologies CVE published 2023-03-07

CVE-2021-44197

A stored cross-site scripting (XSS) vulnerability exists in UBIT Information Technologies Student Information Management System versions prior to 20211126. The flaw stems from improper neutralization of script-related HTML tags in web page content, allowing attackers to inject malicious scripts that execute in victims' browsers. With a CVSS 3.1 score of 6.1 (MEDIUM), this vulnerability requires network ac [truncated]

MEDIUM UBIT Information Technologies CVE published 2023-03-07

CVE-2021-44196

A stored cross-site scripting (XSS) vulnerability exists in UBIT Information Technologies Student Information Management System versions prior to 20211126. The flaw stems from improper neutralization of script-related HTML tags in web page content, allowing attackers to inject malicious scripts that execute in victims' browsers. With a CVSS 3.1 score of 6.1 (Medium), this vulnerability requires network ac [truncated]