6 matches found
EUVD-2024-0562
Malicious code in bioql PyPI...
CVE-2024-26140
com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...
CVE-2024-26140
com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...
CVE-2024-26140 com.yetanalytics/lrs has Cross-site Scripting Vulnerability in Statement Browser
com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...
CVE-2024-26140 com.yetanalytics/lrs has Cross-site Scripting Vulnerability in Statement Browser
com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 o...
LRS Security Vulnerabilities
LRS is a protocol, specification, and logic for building xAPI Learning Record Stores LRS in ClojureScript open source by Yet Analytics. A security vulnerability exists in LRS versions prior to 1.2.17. An attacker exploits this vulnerability to execute script or other markup injections in a browse...