2 matches found
CVE-2026-24900 MarkUs has a submission-view IDOR exposes all student submissions
MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, the courses//assignments//submissions/htmlcontent accepted a selectfileid parameter to serve SubmissionFile objects containing a record of files submitted by students. This parameter was not correct...
WordPress ShopLentor Plugin <= 2.9.0 is vulnerable to Cross Site Scripting (XSS)
Software ShopLentor Type Plugin Vulnerable versions = 2.9.0 Fixed in 2.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5530 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7f83560dcee5 Credits wesley wcraft Required...