CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2022-38553
https://notcve.org/view.php?id=CVE-2022-38553
Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter. Se ha detectado que Academy Learning Management System versiones anteriores a 5.9.1, contiene una vulnerabilidad de tipo cross-site scripting (XSS) reflejado por medio del parámetro Search. • https://github.com/4websecurity/CVE-2022-38553 http://academy.com https://codecanyon.net/item/academy-course-based-learning-management-system/22703468 https://demo.creativeitem.com/academy/home https://demo.creativeitem.com/academy/home/search?query=%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E https://github.com/4websecurity/CVE-2022-38553/blob/main/README.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •