cvedb.io
CVE-2022-39020
HIGH · CVSS 7.6
EPSS exploitation probability: 0%
Published 2022-10-31T21:15:12.250 · Last modified 2026-06-17T04:57:26.647

Summary

Multiple instances of XSS (stored and reflected) was found in the application. For example, features such as student assessment submission, file upload, news, ePortfolio and calendar event creation were found to be vulnerable to cross-site scripting.

Affected products

schoolbox — schoolbox

Does this affect you?

Add your gear to cvedb and we'll alert you only when schoolbox ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.