12 matches found
EUVD-2019-11056
Malware in sbrugna...
EUVD-2019-11057
Malware in sbrugna...
CVE-2019-20513
Open edX Ironwood.1 allows support/certificates?user= reflected XSS...
CVE-2019-20513
Open edX Ironwood.1 allows support/certificates?user= reflected XSS...
Cross site scripting
Open edX Ironwood.1 allows support/certificates?user= reflected XSS...
CVE-2019-20513
Open edX Ironwood.1 is affected by a reflected XSS in the certificates flow, triggered by the parameter user in the URL (…?user=…). The issue arises from insufficient input validation in the web application, allowing an attacker-supplied payload to be reflected in the client context. Impact is sc...
CVE-2019-20513
Open edX Ironwood.1 allows support/certificates?user= reflected XSS...
CVE-2019-20512
Open edX Ironwood.1 allows support/certificates?courseid= reflected XSS...
Cross site scripting
Open edX Ironwood.1 allows support/certificates?courseid= reflected XSS...
CVE-2019-20512
The CVE-2019-20512 entry concerns Open edX Ironwood.1, where a reflected XSS flaw is triggered via the course_id parameter in the support/certificates flow. The affected component appears to be the web application handling course resources in Open edX Ironwood.1; the root cause is input from a us...
CVE-2019-20512
Open edX Ironwood.1 allows support/certificates?courseid= reflected XSS...
OpenEdx Ironwood.1 Cross Site Scripting
Information -------------------- Advisory by Netsparker Name: Multiple Reflected Cross-site Scripting Vulnerabilities in OpenEdx version Ironwood.1 Affected Software: OpenEdx Affected Versions: Ironwood.1 Homepage: https://open.edx.org/ Vulnerability: Cross site Scripting Severity: Medium Status:...