Today > | 3 Medium | 2 Low vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-34241

May 17, 2024, 6:35 p.m.

Product(s) Impacted

Rocketsoft Rocket LMS

  • 1.9

Description

A cross-site scripting (XSS) vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course notifications.

Weaknesses

Date

Published: May 17, 2024, 4:15 p.m.

Last Modified: May 17, 2024, 6:35 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://grumpz.net/ cve@mitre.org