7 matches found
Cross-site Scripting Vulnerability in Statement Browser
Impact A maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. Patches The problem is patched in version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS. Workarounds No workarounds exist, we recommend upgrading to version...
GHSA-7RW2-3HHP-RC46 Cross-site Scripting Vulnerability in Statement Browser
Impact A maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. Patches The problem is patched in version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS. Workarounds No workarounds exist, we recommend upgrading to version...
CVE-2024-26140
com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...
Design/Logic Flaw
com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...
CVE-2024-26140 com.yetanalytics/lrs has Cross-site Scripting Vulnerability in Statement Browser
com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...
CVE-2024-26140 com.yetanalytics/lrs has Cross-site Scripting Vulnerability in Statement Browser
com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...
PT-2024-21297 · Unknown +1 · Com.Yetanalytics/Lrs +1
Name of the Vulnerable Software and Affected Versions: com.yetanalytics/lrs versions prior to 1.2.17 SQL LRS versions prior to 0.7.5 Description: A maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. No known workarounds exist...