Title:EDX Open edX 跨站脚本漏洞 (CVE-2022-32195) Description:EDX Open edX是美国EDX公司的一套在线学习管理系统。 EDX Open edX 2022-06-06之前版本存在安全漏洞。攻击者利用该漏洞通过注销 URL 中的“next”参数进行 跨站脚本攻击。
Description
Open edX before 2022-06-06 contains a reflected cross-site scripting vulnerability via the 'next' parameter in the logout URL.
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.