Количество 2
Количество 2
CVE-2024-26140
com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS. No known workarounds exist.
GHSA-7rw2-3hhp-rc46
Cross-site Scripting Vulnerability in Statement Browser
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-26140 com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS. No known workarounds exist. | CVSS3: 4.6 | 0% Низкий | почти 2 года назад |
| GHSA-7rw2-3hhp-rc46 Cross-site Scripting Vulnerability in Statement Browser | CVSS3: 4.6 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу