CVE-2024-34241

A cross-site scripting XSS vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course notifications...

EUVD-2024-34707

Malicious code in bioql PyPI...

CVE-2023-3477

A vulnerability was found in RocketSoft Rocket LMS 1.7. It has been declared as problematic. This vulnerability affects unknown code of the file /contact/store of the component Contact Form. The manipulation of the argument name/subject/message leads to cross site scripting. The attack can be...

CVE-2024-34241

Summary: CVE-2024-34241 describes a stored XSS in Rocketsoft Rocket LMS 1.9. An administrator can inject a JavaScript payload through the admin web interface when creating new courses or course notifications, enabling script execution in the context of other users. Affected product: Rocketsoft Ro...

CVE-2024-34241

A cross-site scripting XSS vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course notifications...

CVE-2024-34241

A cross-site scripting XSS vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course notifications...

Rocketsoft Rocket LMS 跨站脚本漏洞

RocketSoft Rocket LMS is a full-featured Learning Management System from RocketSoft, Inc. A security vulnerability exists in Rocketsoft Rocket LMS version 1.9 that stems from the presence of a cross-site scripting XSS vulnerability that allows administrators to store JavaScript payloads using the...

CVE-2023-3477

A vulnerability was found in RocketSoft Rocket LMS 1.7. It has been declared as problematic. This vulnerability affects unknown code of the file /contact/store of the component Contact Form. The manipulation of the argument name/subject/message leads to cross site scripting. The attack can be...

Cross site scripting

A vulnerability was found in RocketSoft Rocket LMS 1.7. It has been declared as problematic. This vulnerability affects unknown code of the file /contact/store of the component Contact Form. The manipulation of the argument name/subject/message leads to cross site scripting. The attack can be...

CVE-2023-3477

The CVE-2023-3477 issue affects RocketSoft Rocket LMS 1.7, specifically the Contact Form component at /contact/store. The root cause described across connected docs is that the name/subject/message parameters can be manipulated to trigger cross-site scripting, with remote initiation. Several sour...

RocketSoft Rocket LMS 跨站脚本漏洞

RocketSoft Rocket LMS is a full-featured Learning Management System from RocketSoft. A cross-site scripting vulnerability exists in RocketSoft Rocket LMS version 1.7, which stems from the name/subject/message parameter in the file /contact/store that causes cross-site scripting...