CVE-2024-50837 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request admin_user.php firstname/username cross site scripting

Posted by Angelo Barbosa | Nov 14, 2024 | CVE

A vulnerability was found in Kashipara E-Learning Management System Project 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /lms/admin/admin_user.php of the component HTTP POST Request Handler. The manipulation of the argument firstname/username leads to cross site scripting.

This vulnerability is handled as CVE-2024-50837. The attack may be launched remotely. There is no exploit available.

CVE-2024-50837 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request admin_user.php firstname/username cross site scripting

Related Posts

CVE-2024-1414 | Exclusive Addons for Elementor Plugin up to 2.6.9 on WordPress Call To Action Widget cross site scripting

CVE-2024-34070 | Froxlor up to 2.1.8 System Log loginname cross site scripting

CVE-2024-7267 | EZD RP up to 19.5 IP Infrastructure unknown vulnerability

CVE-2024-32948 | Repute Infosystems ARMember Plugin up to 4.0.28 on WordPress authorization