38 matches found
CVE-2023-43193
Submitty before v22.06.00 is vulnerable to Cross Site Scripting XSS. An attacker can create a malicious link in the forum that leads to XSS...
CVE-2023-43193
Submitty before v22.06.00 is vulnerable to Cross Site Scripting XSS. An attacker can create a malicious link in the forum that leads to XSS...
CVE-2023-43194
Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter...
Submitty 20.04.01 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Submitty 20.04.01 - Persistent Cross-Site Scripting Exploit Author: humblelad Vendor Homepage: http://submitty.org/ Software Link: https://github.com/Submitty/Submitty/releases Version: 20.04.01 Tested on: Mac Os Catalina CVE :...
Submitty 20.04.01 Cross Site Scripting
Exploit Title: Submitty 20.04.01 - Persistent Cross-Site Scripting Date: 2020-05-15 Exploit Author: humblelad Vendor Homepage: http://submitty.org/ Software Link: https://github.com/Submitty/Submitty/releases Version: 20.04.01 Tested on: Mac Os Catalina CVE : CVE-2020-12882 Description: Submitty...
Submitty 20.04.01 - Persistent Cross-Site Scripting
Exploit Title: Submitty 20.04.01 - Persistent Cross-Site Scripting Date: 2020-05-15 Exploit Author: humblelad Vendor Homepage: http://submitty.org/ Software Link: https://github.com/Submitty/Submitty/releases Version: 20.04.01 Tested on: Mac Os Catalina CVE : CVE-2020-12882 Description: Submitty...
Submitty Input Validation Error Vulnerability
Submitty is an open source course management system . The system supports course management , assignment submission , exams and grading system and other functions . An input validation error vulnerability exists in the login page in Submitty versions 20.04.01 and earlier. The vulnerability stems...
Submitty Cross-Site Scripting Vulnerability
Submitty is an open source course management system . The system supports course management , assignment submission , exams and grading system and other functions . A cross-site scripting vulnerability exists in Submitty 20.04.01 and earlier versions , the vulnerability stems from the lack of...
CVE-2020-13121
Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...
CVE-2020-13121
Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...
Open redirect
Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...
CVE-2020-13121
Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...
CVE-2020-13121
Submitty up to version 20.04.01 contains an open redirect vulnerability triggered by an invalid login attempt via authentication/login?old=. The issue can redirect users to a malicious site, with potential for phishing or credential harvesting. Technical details in connected documents show affect...
CVE-2020-12882
Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow...
CVE-2020-12882
Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow...
Cross site scripting
Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow...
CVE-2020-12882
Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow...
CVE-2020-12882
CVE-2020-12882 concerns Submitty up to version 20.04.01, where an SVG document upload in submissions enables cross-site scripting. The collected sources consistently describe an XSS vulnerability originating from insufficient validation of client-side data during SVG uploads, as demonstrated by a...