Описание
Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG profile pictures.
Ссылки
- Product
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:classroomio:classroomio:0.1.13:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00059
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
2 месяца назад
Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG profile pictures.
EPSS
Процентиль: 19%
0.00059
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79