EUVD-2024-0562

Malicious code in bioql PyPI...

CVE-2024-26140

com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...

CVE-2024-26140

com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...

Design/Logic Flaw

com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...

CVE-2024-26140 com.yetanalytics/lrs has Cross-site Scripting Vulnerability in Statement Browser

com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...

PT-2024-21297 · Unknown +1 · Com.Yetanalytics/Lrs +1

Name of the Vulnerable Software and Affected Versions: com.yetanalytics/lrs versions prior to 1.2.17 SQL LRS versions prior to 0.7.5 Description: A maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. No known workarounds exist...