CVE-2020-36998

Forma.lms The E-Learning Suite 2.3.0.2 contains a persistent cross-site scripting vulnerability in multiple course and profile parameters. Attackers can inject malicious scripts in course code, name, description fields, and email parameter to execute arbitrary JavaScript without proper input...

CVE-2020-36998 forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting

Forma.lms The E-Learning Suite 2.3.0.2 contains a persistent cross-site scripting vulnerability in multiple course and profile parameters. Attackers can inject malicious scripts in course code, name, description fields, and email parameter to execute arbitrary JavaScript without proper input...

CVE-2020-36998 forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting

Forma.lms The E-Learning Suite 2.3.0.2 contains a persistent cross-site scripting vulnerability in multiple course and profile parameters. Attackers can inject malicious scripts in course code, name, description fields, and email parameter to execute arbitrary JavaScript without proper input...

forma.lms cross-site scripting vulnerability

forma.lms is an open-source, web-based online learning platform developed by individual developers. Version 2.3.0.2 of forma.lms contains a cross-site scripting vulnerability. This vulnerability arises from improper cleaning of inputs for course code, name, description fields, and email parameter...

CVE-2020-36960 Forma LMS 2.3 - 'First & Last Name' Stored Cross-Site Scripting

Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into user profile first and last name fields. Attackers can craft scripts like 'alertdocument.cookie' to execute arbitrary JavaScript when the profile is viewed by other users...

CVE-2020-36960

Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into user profile first and last name fields. Attackers can craft scripts like '' to execute arbitrary JavaScript when the profile is viewed by other users...

CVE-2020-36960 Forma LMS 2.3 - 'First & Last Name' Stored Cross-Site Scripting

Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into user profile first and last name fields. Attackers can craft scripts like 'alertdocument.cookie' to execute arbitrary JavaScript when the profile is viewed by other users...

Forma LMS cross-site scripting vulnerability

Forma LMS is an open-source learning management system developed by the Italian company Forma. Version 2.3 of Forma LMS contains a cross-site scripting vulnerability. This vulnerability stems from the storage-based cross-site scripting in the user name field, which may allow for the execution of...

PT-2026-4784

Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into user profile first and last name fields. Attackers can craft scripts like 'alertdocument.cookie' to execute arbitrary JavaScript when the profile is viewed by other users...

EUVD-2019-14717

Malware in sbrugna...

EUVD-2019-14716

Malware in sbrugna...

EUVD-2019-14714

Malware in sbrugna...

EUVD-2014-5150

Malware in sbrugna...

EUVD-2019-14715

Malware in sbrugna...

EUVD-2022-45981

Malicious code in bioql PyPI...

EUVD-2022-31643

Malicious code in bioql PyPI...

EUVD-2022-44864

Malicious code in bioql PyPI...

EUVD-2022-44866

Malicious code in bioql PyPI...

EUVD-2022-45979

Malicious code in bioql PyPI...

EUVD-2022-44865

Malicious code in bioql PyPI...