CVE-2024-50841 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request calendar_of_events.php date_start/date_end/title cross site scripting

Inserito da Angelo Barbosa | Nov 14, 2024 | CVE

A vulnerability has been found in Kashipara E-Learning Management System Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /lms/admin/calendar_of_events.php of the component HTTP POST Request Handler. The manipulation of the argument date_start/date_end/title leads to cross site scripting.

This vulnerability was named CVE-2024-50841. The attack can be initiated remotely. There is no exploit available.

CVE-2024-50841 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request calendar_of_events.php date_start/date_end/title cross site scripting

Post correlati

CVE-2024-51990 | martinvonz jj up to 0.22.x Git Repository path traversal (GHSA-88h5-6w7m-5w56)

VDB-250562 | ECshop 4.1.8 /admin/view_sendlist.php sql injection

CVE-2023-6438 | IceCMS 2.0.1 Like /WebArticle/articles/ improper enforcement of a single, unique action

CVE-2024-35838 | Linux Kernel up to 6.1.75/6.6.14/6.7.2 mac80211 memory leak