CVE-2024-50841 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request calendar_of_events.php date_start/date_end/title cross site scripting

Inserito da Angelo Barbosa | Nov 14, 2024 | CVE

A vulnerability has been found in Kashipara E-Learning Management System Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /lms/admin/calendar_of_events.php of the component HTTP POST Request Handler. The manipulation of the argument date_start/date_end/title leads to cross site scripting.

This vulnerability was named CVE-2024-50841. The attack can be initiated remotely. There is no exploit available.

CVE-2024-50841 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request calendar_of_events.php date_start/date_end/title cross site scripting

Post correlati

CVE-2024-8466 | PHPGurukul Job Portal 1.0 controller.php CATEGORY sql injection

CVE-2024-8727 | DK PDF Plugin up to 1.9.6 on WordPress cross site scripting

CVE-2024-41691 | SyroTech SY-GPON-1110-WDONT 3.1.02-231102 FTP Credentials cleartext storage (CIVN-2024-0225)

CVE-2024-22452 | Dell Display and Peripheral Manager up to 1.2 on macOS Installation access control (dsa-2024-056)