EUVD-2023-58600

Malicious code in bioql PyPI...

The vulnerability of the e-learning platform Alumne LMS, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the e-learning platform Alumne LMS is related to the lack of measures taken to protect the website structure when processing the “localidad” parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVE-2023-6359

A Cross-Site Scripting XSS vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the...

CVE-2023-6359

A Cross-Site Scripting XSS vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the...

Cross site scripting

A Cross-Site Scripting XSS vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the...

CVE-2023-6359

CVE-2023-6359 — Alumne LMS suffers a Cross-Site Scripting (XSS) vulnerability in version 4.0.0.1.08 due to inadequate sanitization of the localidad parameter on the "/users/editmy" page. An attacker could inject a JavaScript payload via this field and partially take over another user’s browser se...

CVE-2023-6359 Cross-Site Scripting in Alumne LMS

A Cross-Site Scripting XSS vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the...

Alumne LMS Cross-Site Scripting Vulnerability

Alumne LMS is an e-learning platform from Alumne LMS, Inc. A cross-site scripting vulnerability exists in Alumne LMS version 4.0.0.1.08, which stems from a lack of proper cleanup in the localidad field on the /users/editmy page, and can be exploited by an attacker to inject a custom JavaScript lo...

PT-2023-7322 · Unknown · Alumne Lms

Name of the Vulnerable Software and Affected Versions: Alumne LMS version 4.0.0.1.08 Description: A Cross-Site Scripting XSS issue has been found in Alumne LMS, where an attacker could exploit the localidad parameter to inject a custom JavaScript payload. This could allow the attacker to partiall...