Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.8 allow remote attackers to inject arbitrary web script or HTML via vectors related to error messages and (1) crafted event attributes or (2) > (greater than) characters that are optional within a browser's HTML implementation, a different issue than CVE-2013-3603.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/960908 | US Government Resource |
http://www.kb.cert.org/vuls/id/960908 | US Government Resource |
Configurations
History
21 Nov 2024, 01:57
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/960908 - US Government Resource |
Information
Published : 2013-09-06 11:15
Updated : 2024-11-21 01:57
NVD link : CVE-2013-5706
Mitre link : CVE-2013-5706
CVE.ORG link : CVE-2013-5706
JSON object : View
Products Affected
trivantis
- coursemill_learning_management_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')