3 matches found
Two Reflected Cross-Site Scripting (XSS) Vulnerabilities in Forma Lms
Advisory ID: HTB23226 Product: Forma Lms Vendor: http://www.formalms.org/ Vulnerable Versions: 1.2.1 and probably prior Tested Version: 1.2.1 Advisory Publication: August 6, 2014 without technical details Vendor Notification: August 6, 2014 Vendor Patch: November 4, 2014 Public Disclosure: Novemb...
CVE-2014-5257
Multiple cross-site scripting XSS vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the 1 idcustom parameter in an amanmenu request or 2 idgame parameter in an alms/games/edit request to appCore/index.php...
Forma Lms 1.2.1 Cross Site Scripting
Advisory ID: HTB23226 Product: Forma Lms Vendor: http://www.formalms.org/ Vulnerable Versions: 1.2.1 and probably prior Tested Version: 1.2.1 Advisory Publication: August 6, 2014 without technical details Vendor Notification: August 6, 2014 Vendor Patch: November 4, 2014 Public Disclosure: Novemb...