3 matches found
CVE-2019-20512
Open edX Ironwood.1 allows support/certificates?courseid= reflected XSS...
CVE-2019-20512
Open edX Ironwood.1 allows support/certificates?courseid= reflected XSS...
CVE-2019-20512
The CVE-2019-20512 entry concerns Open edX Ironwood.1, where a reflected XSS flaw is triggered via the course_id parameter in the support/certificates flow. The affected component appears to be the web application handling course resources in Open edX Ironwood.1; the root cause is input from a us...