Jenzabar is higher education’s trusted advisor, offering technology solutions and services to institutions both today and in the future.
Jenzabar v9.20-v9.2.2 is vulnerable to cross-site scripting (XSS). An attacker could use the query parameter to inject web script or HTML (/ics?tool=search&query=)
. Someone must click the link in order to exploit the flaw.