Headline
CVE-2023-1356: Reflected Cross-site Scripting In IDAttend’s IDWeb Application
Reflected cross-site scripting in the StudentSearch component in IDAttend’s IDWeb application 3.1.052 and earlier allows hijacking of a user’s browsing session by attackers who have convinced the said user to click on a malicious link.
CVE-2023-1356
Discovered by Jack Misiura on behalf of The Missing Link Security
Vulnerability Details
Reflected cross-site scripting in the StudentSearch component in IDAttend’s IDWeb application 3.1.013 allows hijacking of a user’s browsing session by attackers who have convinced the said user to click on a malicious link.
Affected Versions
Discovered in: 3.1.013
Fixed Versions
Fixed in: 3.1.053
Latest News
Clearing up the complex world of penetration testing
Why Companies Hesitate to Use Automation (And Why They Shouldn’t)
What is Cyber Threat Intelligence, and why do I need it?
See All News