Cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Online Learning System V2 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit h...

Online Learning System Cross-Site Scripting Vulnerability

Online Learning System is an online learning system by oretnom23 individual developers. A cross-site scripting vulnerability exists in Online Learning System V2 version 1.0, which stems from an incorrect manipulation of the parameter page that can lead to cross-site scripting...

CVE-2024-1970 SourceCodester Online Learning System V2 index.php cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Online Learning System V2 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit h...

CVE-2024-1970 SourceCodester Online Learning System V2 index.php cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Online Learning System V2 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit h...

CVE-2024-1970

CVE-2024-1970 affects SourceCodester Online Learning System V2.1.0 (and V2.0 in various records) with a cross-site scripting vulnerability in an unknown function of /index.php. The issue arises from manipulation of the page parameter, enabling remote exploitation and providing the attacker with a...

PT-2024-18460 · Unknown · Sourcecodester Online Learning System V2

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Learning System V2 version 1.0 Description: A problematic issue was found in the software, affecting an unknown function of the file /index.php. The manipulation of the page argument leads to cross-site scripting. It is...

LRS Security Vulnerabilities

LRS is a protocol, specification, and logic for building xAPI Learning Record Stores LRS in ClojureScript open source by Yet Analytics. A security vulnerability exists in LRS versions prior to 1.2.17. An attacker exploits this vulnerability to execute script or other markup injections in a browse...

OpenOLAT Cross-Site Scripting Vulnerability

OpenOLAT is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a Learning Management System. A security vulnerability exists in OpenOlat LMS. An attacker exploited the vulnerability to execute stored JavaScript code in a user's browser with the privilege...

PT-2024-21297 · Unknown +1 · Com.Yetanalytics/Lrs +1

Name of the Vulnerable Software and Affected Versions: com.yetanalytics/lrs versions prior to 1.2.17 SQL LRS versions prior to 0.7.5 Description: A maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. No known workarounds exist...

e-learning.ippo.kubg.edu.ua Cross Site Scripting vulnerability OBB-3855046

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Security Bulletin: Multiple vulnerabilities in IBM Business Automation Workflow Machine Learning Server are addressed with 23.0.2-IF001

Summary In addition to updates to operating system level packages, IBM Business Automation Workflow Machine Learning Server 23.0.2-IF001 addresses the following vulnerabilities. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain...

moodle security breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in moodle that stems from improperly managed access rights...

WordPress Plugin MasterStudy LMS WordPress Plugin Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

Paving a Path to Systems Administration: Naeem Jones’ Journey with Rapid7

Prior to becoming a Systems Administrator at Rapid7, Naeem Jones entered his career in cybersecurity through the Hack. Diversity program. Hack.Diversity is a program that connects talented Black and Latin/x students and early-career professionals with organizations that are looking to build...

Improving the Cryptanalysis of Lattice-Based Public-Key Algorithms

The winner of the Best Paper Award at Crypto this year was a significant improvement to lattice-based cryptanalysis. This is important, because a bunch of NISTs post-quantum options base their security on lattice problems. I worry about standardizing on post-quantum algorithms too quickly. We are...

CVE-2023-50875

CVE-2023-50875 affects the WordPress Sensei LMS plugin (versions

Moodle Access Control Error Vulnerability

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. An access control error vulnerability exists in the Moodle LMS that stems from insufficient access control...

WordPress Plugin Sensei LMS Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

Announcing TotalCloud™ 2.0 with TruRisk™ Insights: The Future of Cloud and SaaS Security

Rapid cloud and SaaS adoption is driving digital transformation thats reshaping business agility and scalability, making cloud and SaaS security more critical than ever. Recognizing this shift, in November 2022, Qualys launched TotalCloud – an AI-powered cloud-native application protection platfo...

WordPress Plugin LearnDash LMS Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...