Stored Cross-Site Scripting Vulnerability in KASHIPARA E-learning Management System
CVE-2024-50837

Currently unrated

Key Information:

Vendor

KASHIPARA

Status
KASHIPARA E-learning Management System
Vendor
CVE Published:
14 November 2024

What is CVE-2024-50837?

A Stored Cross-Site Scripting vulnerability exists in the KASHIPARA E-learning Management System version 1.0, specifically in the /admin/admin_user.php component. This security issue permits remote attackers to inject and execute arbitrary scripts through the firstname and username parameters. If successfully exploited, this vulnerability could compromise the integrity and security of the affected application.

References

https://github.com/m14r41/Writeups/blob/main/CVE/Kashipar...

Timeline

  • Vulnerability published

.
CVE-2024-50837 : Stored Cross-Site Scripting Vulnerability in KASHIPARA E-learning Management System