CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38964
https://notcve.org/view.php?id=CVE-2023-38964
04 Aug 2023 — Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting (XSS) vulnerability. Se ha descubierto que Creative Item Academy LMS 6.0 contiene una vulnerabilidad de Cross Site Scripting (XSS). • https://vida03.gitbook.io/redteam/web/cve-2023-38964 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2023-4119 – Academy LMS courses cross site scripting
https://notcve.org/view.php?id=CVE-2023-4119
03 Aug 2023 — A vulnerability has been found in Academy LMS 6.0 and classified as problematic. This vulnerability affects unknown code of the file /academy/home/courses. The manipulation of the argument query/sort_by leads to cross site scripting. The attack can be initiated remotely. VDB-235966 is the identifier assigned to this vulnerability. • https://packetstorm.news/files/id/173941 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •