4 matches found
CVE-2025-10388
A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...
CVE-2025-10388 Selleo Mentingo Create New Course Basic Settings enroll-course cross site scripting
A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...
CVE-2025-10388
The CVE-2025-10388 vulnerability concerns Selleo Mentingo version 2025.08.27. Affected component: Create New Course Basic Settings, specifically the /api/course/enroll-course endpoint. Root cause: manipulation of the Description argument leading to cross-site scripting (XSS). The issue can be exp...
Selleo Mentingo 代码注入漏洞
Selleo Mentingo is an in-house training and employee development platform from Selleo Poland. A code injection vulnerability exists in Selleo Mentingo version 2025.08.27, which stems from an incorrect manipulation of the parameter Description in the file /api/course/enroll-course, which could lea...