CVE-2024-50837 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request admin_user.php firstname/username cross site scripting

Posted by Angelo Barbosa | Nov 14, 2024 | CVE

A vulnerability was found in Kashipara E-Learning Management System Project 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /lms/admin/admin_user.php of the component HTTP POST Request Handler. The manipulation of the argument firstname/username leads to cross site scripting.

This vulnerability is handled as CVE-2024-50837. The attack may be launched remotely. There is no exploit available.

CVE-2024-50837 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request admin_user.php firstname/username cross site scripting

Related Posts

CVE-2023-51394 | Silabs Ember ZNet SDK up to 7.3.x null pointer dereference

CVE-2023-51068 | QStar Archive Solutions 3-0 Build 7 Link cross site scripting

CVE-2024-4632 | CartFlows WooCommerce Checkout & Funnel Builder Plugin up to 2.0.7 on WordPress cross site scripting

CVE-2024-2242 | Contact Form 7 Plugin up to 5.9 on WordPress cross site scripting