1 results (0.001 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

A vulnerability was found in Overdrive Eletrônica course-builder up to 1.7.x and classified as problematic. Affected by this issue is some unknown functionality of the file coursebuilder/modules/oeditor/oeditor.html. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.8.0 is able to address this issue. • https://github.com/overdrive-diy/course-builder/commit/e39645fd714adb7e549908780235911ae282b21b https://github.com/overdrive-diy/course-builder/releases/tag/V1.8.0 https://vuldb.com/?ctiid.218372 https://vuldb.com/?id.218372 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •