CVE-2022-31553

The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31553

The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

sleep-learner 路径遍历漏洞

sleep-learner is a Canadian Yutong personal developer used to try to play recordings while a person sleeps in order to convey a message. A security vulnerability exists in sleep-learner version 2021-02-21 and earlier versions, which stems from an incorrect call to Flask's sendfile function that...

Undetectable Backdoors in Machine-Learning Models

New paper: "Planting Undetectable Backdoors in Machine Learning Models": Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectab...

Meet Anthony Hogg: Senior Enterprise Architect and Lifelong Learner

At Akamai and across the tech industry at large, best practices and tools are constantly evolving. To keep up with these changes, a passion for learning is key, especially among those who support and enable others. One Senior Enterprise Architect on Akamai’s Advanced Solutions team, Anthony Hogg,...

csumoodle.remote-learner.net Cross Site Scripting vulnerability OBB-2285905

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2021-36747

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Feedback to Learner form...

CVE-2021-36747

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Feedback to Learner form...

Design/Logic Flaw

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Feedback to Learner form...

CVE-2021-36747

CVE-2021-36747 affects Blackboard Learn (through version 9.1). An authenticated user can trigger cross-site scripting via the Feedback to Learner form. Root cause is an input/output handling flaw in the Feedback to Learner workflow that allows script execution. Impact is described as cross-site s...

CVE-2021-36747

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Feedback to Learner form...

Blackboard Learn 跨站脚本漏洞

Blackboard Learn is a learning management system from Blackboard, Inc. in the United States. Blackboard Learn suffers from a security vulnerability that allows authenticated users to cross-site by giving feedback to learners...

CVE-2021-28579

Adobe Connect version 11.2.1 and earlier is affected by an Improper access control vulnerability that can lead to the elevation of privileges. An attacker with 'Learner' permissions can leverage this scenario to access the list of event participants...

CVE-2021-28579

Adobe Connect version 11.2.1 and earlier is affected by an Improper access control vulnerability that can lead to the elevation of privileges. An attacker with 'Learner' permissions can leverage this scenario to access the list of event participants...

Improper access control

Adobe Connect version 11.2.1 and earlier is affected by an Improper access control vulnerability that can lead to the elevation of privileges. An attacker with 'Learner' permissions can leverage this scenario to access the list of event participants...

CVE-2021-28579

Adobe Connect

CVE-2021-28579 Adobe Connect improper access control could lead to privilege escalation

Adobe Connect version 11.2.1 and earlier is affected by an Improper access control vulnerability that can lead to the elevation of privileges. An attacker with 'Learner' permissions can leverage this scenario to access the list of event participants...

PT-2021-6264 · Adobe · Connect

Name of the Vulnerable Software and Affected Versions: Adobe Connect versions 11.2.1 and earlier Description: The issue is related to improper access control in Adobe Connect, which can lead to the elevation of privileges. An attacker with Learner permissions can exploit this to access the list o...

Oracle iLearning Unauthorized Access Vulnerability

Oracle iLearning is an enterprise-class Learning Management System LMS that provides organizations with a complete infrastructure for managing, delivering, and tracking online training in a classroom-based environment. A security vulnerability exists in the Learner Pages component of Oracle...

CVE-2020-2709

Vulnerability in the Oracle iLearning product of Oracle iLearning component: Learner Pages. The supported version that is affected is 6.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human...