A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php).
{ "versions": [ { "introduced": "0" }, { "last_affected": "22.0.00" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-40492.json"