Cross Site Scripting Vulnerability in Creativeitem Academy LMS
CVE-2024-38959

Currently unrated

Key Information:

Vendor: Creativeitem
Status: Academy LMS
Vendor: CVE Published:; 9 July 2024

🔔 Create Creativeitem Vulnerability Alert

What is CVE-2024-38959?

A Cross Site Scripting vulnerability in Creativeitem's Academy LMS version 6.8.1 enables remote attackers to inject arbitrary scripts through the 'string' parameter. This flaw can lead to the execution of malicious code in the context of the user's browser, allowing attackers to access sensitive data or perform actions on behalf of the user without consent.

References

https://medium.com/%40geetmadan22/reflected-cross-site-sc...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 9, 2024