CVE-2024-8002 – VIWIS LMS Cross-Site Scripting Vulnerability

1月 8, 2025
8:16 am

CVE ID : CVE-2024-8002

Published : Jan. 8, 2025, 7:15 a.m. | 1 hour, 1 minute ago

Description : A vulnerability has been found in VIWIS LMS 9.11 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component File Upload. The manipulation of the argument filename leads to cross site scripting. The attack can be launched remotely. Upgrading to version 9.12 is able to address this issue. It is recommended to upgrade the affected component.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-8002 – VIWIS LMS Cross-Site Scripting Vulnerability

Elvescore.io

Recent Posts

CVE-2024-12712 – BigCommerce Unauthenticated Order Status Modification Vulnerability

CVE-2024-12853 – WordPress Modula Image Gallery Remote File Upload Vulnerability

CVE-2024-12854 – “WordPress Garden Gnome Package Plugin Remote Code Execution File Upload Vulnerability”

CVE-2024-11350 – AdForest WordPress Privilege Escalation Vulnerability

CVE-2024-11939 – WordPress Cost Calculator Builder PRO SQL Blind Time-Based Injection

CVE-2024-12328 – Elementor MAS WordPress Stored Cross-Site Scripting Vulnerability

CVE-2024-8002 – VIWIS LMS Cross-Site Scripting Vulnerability

CVE-2024-8002 – VIWIS LMS Cross-Site Scripting Vulnerability