exploitDog

GHSA-rxc6-c5mm-j9vx

Опубликовано: 26 нояб. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG cover images.

Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG cover images.

Ссылки

EPSS

Процентиль: 19%

0.00059

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-65676

CVSS3: 5.4

nvd

2 месяца назад

Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG cover images.

EPSS

Процентиль: 19%

0.00059

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79