CVE-2023-6359
CVE-2023-6359 — Alumne LMS suffers a Cross-Site Scripting (XSS) vulnerability in version 4.0.0.1.08 due to inadequate sanitization of the localidad parameter on the "/users/editmy" page. An attacker could inject a JavaScript payload via this field and partially take over another user’s browser se...