3 matches found
PT-2024-22012 · Friendica · Friendica
Name of the Vulnerable Software and Affected Versions: Friendica version 2023.12 Description: A Cross Site Scripting issue allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature. Recommendations: For Friendica version 2023.12, consider...
CVE-2022-37162
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting XSS. An attacker can obtain javascript code execution by adding arbitrary javascript code in the 'Location' field of a calendar event...
Claroline 跨站脚本漏洞
Claroline is an open source learning management system from Claroline Open Source. A cross-site scripting vulnerability exists in Claroline version 13.5.7 and prior versions, which stems from vulnerability to cross-site scripting XSS attacks. The vulnerability can be exploited to obtain javascrip...