Simple e-Learning System Cross-Site Scripting Vulnerability

Simple e-Learning System is a simple e-learning system from Carlo Montero's personal developer. version 1.0 of Simple e-Learning System is vulnerable to a cross-site scripting vulnerability that stems from the lack of a Bio parameter in the file /vcs/claireblake to filter the user-supplied data a...

[SECURITY] Fedora 35 Update: golang-github-mmarkdown-mmark-2.2.10-5.fc35

Mmark is a powerful markdown processor written in Go, geared towards writing IETF documents. It is, however, also suited for writing complete books and ot her technical documentation, like the Learning Go book mmark source, and I-D text output...

LTI 1.3 Tool Library 安全特征问题漏洞

The LTI 1.3 Tool Library is a library of LTI 1.3 tool providers for building IMS certifications in PHP. A security feature issue vulnerability exists in versions of the LTI 1.3 Tool Library prior to 5.0, which stems from the LTI 1.3 Tool Library is a library used to build LTI 1.3 tool providers f...

PT-2022-20573 · Unknown · Lti 1.3 Tool Library

Name of the Vulnerable Software and Affected Versions: LTI 1.3 Tool Library versions prior to 5.0 Description: The issue concerns the Nonce Claim Value not being validated against the nonce value sent in the Authentication Request. This affects the LTI 1.3 Tool Library, a library used for buildin...

CVE-2022-2396

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

CVE-2022-2396

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

Cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

CVE-2022-2396 SourceCodester Simple e-Learning System claire_blake cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

CVE-2022-2396 SourceCodester Simple e-Learning System claire_blake cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

CVE-2022-2396

CVE-2022-2396 affects SourceCodester Simple e-Learning System 1.0. The vulnerability is an XSS in the /vcs/claire_blake endpoint, triggered by manipulating the Bio parameter with payload like >. Root cause is lack of input filtering on Bio, leading to client-side script execution. Attack can b...

Beijing Century Super Star Information Technology Development Co., Ltd. learning through the quality of engineering platform there are logical flaws vulnerabilities

Beijing Century Super Star Information Technology Development Co., Ltd. is an education informatization enterprise driven by technology, product and service innovation. A logic flaw vulnerability exists in the Beijing Century Super Star Information Technology Development Limited Liability Company...

Security Bulletin: Watson Machine Learning Accelerator is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22971)

Summary Watson Machine Learning Accelerator is affected but not classified as vulnerable to a remote code execution in Spring Framework CVE-2022-22971 as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast t...

The Forecast Is Flipped: Flipping L&D to Ensure Continuous Growth

At Rapid7, we staunchly believe that our people are central to upholding our mission and embodying our core values to ultimately drive our customers into a more secure future. For this reason, Rapid7 works tediously to ensure that our Moose have ample opportunities to learn and grow in their...

DLS 路径遍历漏洞

DLS is a GUI-based deep learning platform open-sourced by SummaLabs. DLS version 0.1.0 and previous versions have a security vulnerability , the vulnerability stems from Flask sendfile function call incorrectly leads to absolute path traversal...

Secretflow - A Unified Framework For Privacy-Preserving Data Analysis And Machine Learning

SecretFlow is a unified framework for privacy-preserving data intelligence and machine learning. To achieve this goal, it provides: An abstract device layer consists of plain devices and secret devices which encapsulate various cryptographic protocols. A device flow layer modeling higher algorith...

vulhub

This is an open-source collection of vulnerable web applications and environments for testing and learning purposes. It is a repository of vulnerable systems, including web applications, databases, and networks, that can be used to test and demonstrate various types of cyber attacks and...

[SECURITY] Fedora 36 Update: golang-github-mmarkdown-mmark-2.2.10-5.fc36

Mmark is a powerful markdown processor written in Go, geared towards writing IETF documents. It is, however, also suited for writing complete books and ot her technical documentation, like the Learning Go book mmark source, and I-D text output...

DeepTraffic - Deep Learning Models For Network Traffic Classification

For more information please read our papers.  Wei Wang's Google Scholar Homepage Wei Wang, Xuewen Zeng, Xiaozhou Ye, Yiqiang Sheng and Ming Zhu,"Malware Traffic Classification Using Convolutional Neural Networks for Representation Learning," in the 31st International Conference on Information...

Huawei MindSpore Community numeric error vulnerability

Huawei MindSpore Community is an open source deep learning framework from Huawei China.A numerical error vulnerability exists in versions prior to Huawei MindSpore Community 1.3.0, which stems from the fact that when performing the initialization operation of the Split operator, if a dimension in...

BigBlueButton 2.3 / 2.4.7 Cross Site Scripting

CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton. ========================= Exploit Title: Stored Cross-Site Scripting XSS in BigBlueButton Product: BigBlueButton Vendor: BigBlueButton Vulnerable Versions: 2.3, IV. References -----------------...