Creativeitem: >> Academy Lms >> 2.3 Security Vulnerabilities
A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows attackers to arbitrarily add Administrator users.
CVSS Score
8.8
EPSS Score
0.063
Published
2023-02-03
A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page.
CVSS Score
4.3
EPSS Score
0.065
Published
2023-02-03
A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows an attacker to arbitrarily create a page.
CVSS Score
4.8
EPSS Score
0.003
Published
2023-02-03