CVE-2020-22312

Name of the Vulnerable Software and Affected Versions HZNUOJ version 1.0

Description A cross-site scripting (XSS) issue was found in the /cal scores.php function of the OJ/admin-tool. This affects the ability to properly secure user input, potentially leading to malicious script execution.

Recommendations For HZNUOJ version 1.0, consider disabling the /cal scores.php function until a patch is available to prevent potential exploitation. Restrict access to the OJ/admin-tool to minimize the risk of XSS attacks. Avoid using the /cal scores.php endpoint in the OJ/admin-tool until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.