5 matches found
CVE-2025-24885 pwn.college has a XSS on dojo pages
pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Missing access control on rendering custom unprivileged dojo pages causes ability for users to create stored XSS...
CVE-2025-24885
CVE-2025-24885 concerns pwn.college and its Dojo pages. The reported vulnerability is a missing access control on rendering custom (unprivileged) Dojo pages, enabling stored XSS via the dojo content. The CVE entry documents a CVSS v3.1 base score of 7.6 (HIGH) with attack vector NETWORK, attack c...
CVE-2025-24885 pwn.college has a XSS on dojo pages
pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Missing access control on rendering custom unprivileged dojo pages causes ability for users to create stored XSS...
CVE-2025-24885 pwn.college has a XSS on dojo pages
pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Missing access control on rendering custom unprivileged dojo pages causes ability for users to create stored XSS...
PT-2025-5592 · Unknown · Pwn.College
Name of the Vulnerable Software and Affected Versions: pwn.college affected versions not specified Description: The issue is related to a lack of access control when generating custom Dojo pages without privileges, allowing users to create stored XSS. This affects the pwn.college platform, which ...