Lucene search
K

38 matches found

Cvelist
Cvelist
added 2023/11/02 12:0 a.m.39 views

CVE-2023-43193

Submitty before v22.06.00 is vulnerable to Cross Site Scripting XSS. An attacker can create a malicious link in the forum that leads to XSS...

6.2AI score0.00469EPSS
Exploits1References2
OSV
OSV
added 2023/11/02 12:0 a.m.29 views

CVE-2023-43193

Submitty before v22.06.00 is vulnerable to Cross Site Scripting XSS. An attacker can create a malicious link in the forum that leads to XSS...

6.1CVSS6.5AI score0.00469EPSS
Exploits1References4
OSV
OSV
added 2023/11/02 12:0 a.m.18 views

CVE-2023-43194

Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter...

5.3CVSS7AI score0.00505EPSS
Exploits1References4
0day.today
0day.today
added 2020/05/19 12:0 a.m.44 views

Submitty 20.04.01 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Submitty 20.04.01 - Persistent Cross-Site Scripting Exploit Author: humblelad Vendor Homepage: http://submitty.org/ Software Link: https://github.com/Submitty/Submitty/releases Version: 20.04.01 Tested on: Mac Os Catalina CVE :...

3.5CVSS5.8AI score0.01203EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/05/19 12:0 a.m.301 views

Submitty 20.04.01 Cross Site Scripting

Exploit Title: Submitty 20.04.01 - Persistent Cross-Site Scripting Date: 2020-05-15 Exploit Author: humblelad Vendor Homepage: http://submitty.org/ Software Link: https://github.com/Submitty/Submitty/releases Version: 20.04.01 Tested on: Mac Os Catalina CVE : CVE-2020-12882 Description: Submitty...

3.5CVSS5.6AI score0.01203EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/05/19 12:0 a.m.258 views

Submitty 20.04.01 - Persistent Cross-Site Scripting

Exploit Title: Submitty 20.04.01 - Persistent Cross-Site Scripting Date: 2020-05-15 Exploit Author: humblelad Vendor Homepage: http://submitty.org/ Software Link: https://github.com/Submitty/Submitty/releases Version: 20.04.01 Tested on: Mac Os Catalina CVE : CVE-2020-12882 Description: Submitty...

5.4CVSS5.8AI score0.01203EPSS
Exploits3
CNVD
CNVD
added 2020/05/18 12:0 a.m.2 views

Submitty Input Validation Error Vulnerability

Submitty is an open source course management system . The system supports course management , assignment submission , exams and grading system and other functions . An input validation error vulnerability exists in the login page in Submitty versions 20.04.01 and earlier. The vulnerability stems...

6.1CVSS7AI score0.03518EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/18 12:0 a.m.1 views

Submitty Cross-Site Scripting Vulnerability

Submitty is an open source course management system . The system supports course management , assignment submission , exams and grading system and other functions . A cross-site scripting vulnerability exists in Submitty 20.04.01 and earlier versions , the vulnerability stems from the lack of...

5.4CVSS6.4AI score0.01203EPSS
Exploits3References1
NVD
NVD
added 2020/05/16 8:15 p.m.18 views

CVE-2020-13121

Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...

6.1CVSS6.3AI score0.03518EPSS
Exploits1References1
OSV
OSV
added 2020/05/16 8:15 p.m.11 views

CVE-2020-13121

Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...

6.1CVSS6.9AI score
Exploits0References1
Prion
Prion
added 2020/05/16 8:15 p.m.13 views

Open redirect

Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...

5.8CVSS6.2AI score0.03518EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/05/16 7:39 p.m.16 views

CVE-2020-13121

Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...

6.3AI score0.03518EPSS
Exploits1References1
CVE
CVE
added 2020/05/16 7:39 p.m.69 views

CVE-2020-13121

Submitty up to version 20.04.01 contains an open redirect vulnerability triggered by an invalid login attempt via authentication/login?old=. The issue can redirect users to a malicious site, with potential for phishing or credential harvesting. Technical details in connected documents show affect...

6.1CVSS6.3AI score0.03518EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2020/05/15 5:15 a.m.26 views

CVE-2020-12882

Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow...

5.4CVSS5.3AI score0.01203EPSS
Exploits3References2
OSV
OSV
added 2020/05/15 5:15 a.m.15 views

CVE-2020-12882

Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow...

5.4CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2020/05/15 5:15 a.m.14 views

Cross site scripting

Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow...

3.5CVSS5.2AI score0.01203EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2020/05/15 4:55 a.m.26 views

CVE-2020-12882

Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow...

5.3AI score0.01203EPSS
Exploits3References2
CVE
CVE
added 2020/05/15 4:55 a.m.78 views

CVE-2020-12882

CVE-2020-12882 concerns Submitty up to version 20.04.01, where an SVG document upload in submissions enables cross-site scripting. The collected sources consistently describe an XSS vulnerability originating from insufficient validation of client-side data during SVG uploads, as demonstrated by a...

5.4CVSS5.2AI score0.01203EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder