CVE-2024-50836 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request /lms/admin/teachers.php firstname/lastname cross site scripting

Posted by Angelo Barbosa | Nov 14, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Kashipara E-Learning Management System Project 1.0. Affected by this issue is some unknown functionality of the file /lms/admin/teachers.php of the component HTTP POST Request Handler. The manipulation of the argument firstname/lastname leads to cross site scripting.

This vulnerability is handled as CVE-2024-50836. The attack may be launched remotely. There is no exploit available.

CVE-2024-50836 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request /lms/admin/teachers.php firstname/lastname cross site scripting

Related Posts

CVE-2024-38481 | Dell iDRAC Service Module up to 5.3.0.0 out-of-bounds (dsa-2024-086)

CVE-2024-32418 | flusity CMS 2.33 add_addon.php Privilege Escalation

CVE-2024-2859 | Brocade SANnav 2.3.0 access control

CVE-2024-22012 | Google Android kernel out-of-bounds write