CVE-2021-24308

Опубликовано: 24 мая 2021

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

The 'State' field of the Edit profile page of the LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.1 is not properly sanitised when output in the About section of the profile page, leading to a stored Cross-Site Scripting issue. This could allow low privilege users (such as students) to elevate their privilege via an XSS attack when an admin will view their profile.

Ссылки

http://packetstormsecurity.com/files/162856/WordPress-LifterLMS-4.21.0-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
https://github.com/gocodebox/lifterlms/releases/tag/4.21.1
Release Notes
Third Party Advisory
https://wpscan.com/vulnerability/f29f68a5-6575-441d-98c9-867145f2b082
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/162856/WordPress-LifterLMS-4.21.0-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
https://github.com/gocodebox/lifterlms/releases/tag/4.21.1
Release Notes
Third Party Advisory
https://wpscan.com/vulnerability/f29f68a5-6575-441d-98c9-867145f2b082
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lifterlms:lifterlms:*:*:*:*:*:wordpress:*:*

Версия до 4.21.1 (исключая)

EPSS

Процентиль: 50%

0.0027

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-3mxr-2h37-xpjx

github

больше 3 лет назад

The 'State' field of the Edit profile page of the LMS by LifterLMS â€“ Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.1 is not properly sanitised when output in the About section of the profile page, leading to a stored Cross-Site Scripting issue. This could allow low privilege users (such as students) to elevate their privilege via an XSS attack when an admin will view their profile.