CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38964
https://notcve.org/view.php?id=CVE-2023-38964
Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting (XSS) vulnerability. Se ha descubierto que Creative Item Academy LMS 6.0 contiene una vulnerabilidad de Cross Site Scripting (XSS). • https://vida03.gitbook.io/redteam/web/cve-2023-38964 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4119 – Academy LMS courses cross site scripting
https://notcve.org/view.php?id=CVE-2023-4119
A vulnerability has been found in Academy LMS 6.0 and classified as problematic. This vulnerability affects unknown code of the file /academy/home/courses. The manipulation of the argument query/sort_by leads to cross site scripting. The attack can be initiated remotely. VDB-235966 is the identifier assigned to this vulnerability. • https://www.exploit-db.com/exploits/51654 http://packetstormsecurity.com/files/173941/Academy-LMS-6.0-Cross-Site-Scripting.html https://vuldb.com/?ctiid.235966 https://vuldb.com/?id.235966 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •