Filtered by vendor Classlink
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45889 | 1 Classlink | 1 Oneclick | 2025-05-30 | N/A | 6.1 MEDIUM |
| A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.8 allows remote attackers to inject JavaScript into any webpage. NOTE: this issue exists because of an incomplete fix for CVE-2022-48612. | |||||
| CVE-2022-48612 | 1 Classlink | 1 Oneclick | 2024-11-21 | N/A | 6.1 MEDIUM |
| A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.7 allows remote attackers to inject JavaScript into any webpage, because a regular expression (validating whether a URL is controlled by ClassLink) is not present in all applicable places. | |||||