06 Fév 2023
Vulnérabilité CVE-2023-0236 CVE Vulnerability
The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the reset_key and user_id parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin (CVSS:0.0) (Last Update:2023-02-06)
Vulnerability Details : The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the reset_key and user_id parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin Publish Date : 2023-02-06 Last Update Date : 2023-02-06 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2023-0236
- References For CVE-2023-0236
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2023-0236There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |