CVE-2013-5706

Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.8 allow remote attackers to inject arbitrary web script or HTML via vectors related to error messages and (1) crafted event attributes or (2) > (greater than) characters that are optional within a browser's HTML implementation, a different issue than CVE-2013-3603.
References
Link Resource
http://www.kb.cert.org/vuls/id/960908 US Government Resource
http://www.kb.cert.org/vuls/id/960908 US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:trivantis:coursemill_learning_management_system:6.8:*:*:*:*:*:*:*

History

21 Nov 2024, 01:57

Type Values Removed Values Added
References () http://www.kb.cert.org/vuls/id/960908 - US Government Resource () http://www.kb.cert.org/vuls/id/960908 - US Government Resource

Information

Published : 2013-09-06 11:15

Updated : 2024-11-21 01:57


NVD link : CVE-2013-5706

Mitre link : CVE-2013-5706

CVE.ORG link : CVE-2013-5706


JSON object : View

Products Affected

trivantis

  • coursemill_learning_management_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')