11 lines
No EOL
514 B
Text
11 lines
No EOL
514 B
Text
source: http://www.securityfocus.com/bid/22611/info
|
|
|
|
Powerschool is prone to an information-disclosure vulnerability because the application discloses information about administrative session variables.
|
|
|
|
An attacker can exploit these issue to obtain sensitive information that may aid in other attacks.
|
|
|
|
This issue affects Powerschool 4.3.6; other versions may also be affected.
|
|
|
|
UPDATE: Powerschool 5.1.2 is also reportedly affected by this issue, in a limited fashion.
|
|
|
|
http://www.example.com/admin/.js |