Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Creativeitem Academy LMS 7.0 contains reflected Cross-Site Scripting (XSS) vulnerabilities via the search parameter to the /academy/blogs endpoint, and the string parameter to the /academy/course_bundles/search/query endpoint. These vulnerabilities are distinct from the patch for CVE-2023-4119, which only fixed XSS in query and sort_by parameters to the /academy/home/courses endpoint.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Creativeitem Academy LMS 安全漏洞
Vulnerability Description
Creativeitem Academy LMS是孟加拉国Creativeitem公司的一个在线学习管理系统。 Creativeitem Academy LMS 7.0版本存在安全漏洞,该漏洞源于对/academy/blogs端点的search参数和/academy/course_bundles/search/query端点的string参数验证不足,可能导致反射型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A