CVE-2022-38553

Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:creativeitem:academy_learning_management_system:*:*:*:*:*:*:*:*

History

07 Nov 2023, 03:50

Type Values Removed Values Added
References
  • {'url': 'https://demo.creativeitem.com/academy/home/search?query=%22%3E%3Cscript%3Ealert(%22XSS%22)%3C/script%3E', 'name': 'https://demo.creativeitem.com/academy/home/search?query=%22%3E%3Cscript%3Ealert(%22XSS%22)%3C/script%3E', 'tags': ['Product'], 'refsource': 'MISC'}
  • () https://demo.creativeitem.com/academy/home/search?query=%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E -

Information

Published : 2022-09-26 10:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-38553

Mitre link : CVE-2022-38553

CVE.ORG link : CVE-2022-38553


JSON object : View

Products Affected

creativeitem

  • academy_learning_management_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')