Skip to main content
Skip table of contents

PowerSchool SIS 23.3.0.3

PowerSchool SIS version 23.3.0.3 is available as of December 11, 2023. When the installers are available for download, an announcement will be posted on PowerSchool SIS Release Notification on PowerSchool Community.

Resolved Issues

Product Area

Description

Security

Apache Struts has been updated to version 2.5.33 to protect against CVE-2023-50164 that could result in Remote Code Execution (RCE).

PowerSchool strongly recommends upgrading your PowerSchool environment as soon as possible due to the nature of the security vulnerability that is resolved with this update.

Security

ActiveMQ has been updated to version 5.16.7.

The recently announced CVE-2023-46604 applies when an attacker has access directly to the PowerSchool Message Service (broker). The ActiveMQ port should not be exposed to the internet per the PowerSchool Ports and Connections article and is a backend only service. The only ports that should be exposed to the internet are the standard HTTPS ports.

PowerSchool Components

PowerSchool SIS comprises several software components, each versioned independently. This allows for greater flexibility of component updates as new features and bug fixes become available. Some updates may include dependencies between components. These dependencies will be communicated and built into the component update installers to prevent PowerSchool SIS from being misconfigured. The following table identifies the version number for each PowerSchool SIS component in this release compared to the previous release:

Component

Version Number

 

23.3.0.2

23.3.0.3

PowerSchool SIS Server

23.3.0.2

23.3.0.3

ReportWorks

1.5.1.47

1.5.1.47

PowerScheduler

3.1.0

3.1.0

Oracle

19c

19c

State Reporting

23.3.2.0

23.3.2.0

Report SDK

1.36.0.0

1.36.0.0

Amazon Corretto Java

1.8u322

1.8u322

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.