CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-34241

A cross-site scripting (XSS) vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course notifications.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.7%

CVSS Severity

CVSS v3 Score 4.8

References

https://grumpz.net/cve-2024-34241-a-step-by-step-discovery-guide
https://grumpz.net/cve-2024-34241-a-step-by-step-discovery-guide

Products affected by CVE-2024-34241

Rocketsoft » Rocket Lms » Version: 1.9

cpe:2.3:a:rocketsoft:rocket_lms:1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-34241

Products

Pricing

Contact Us