Mend Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Good to know:
Date: May 30, 2014
In “TEAMMATES/teammates”, versions V4.98 to V5.00 are vulnerable against XSS as a result of an unsanitized feedbackSessionName, courseId, creatorEmail (in FeedbackSessionsDb).
Weakness Type (CWE)
Cross-Site Scripting (XSS)CWE-79
Upgrade to version V5.01
|Attack Vector (AV):||NETWORK|
|Attack Complexity (AC):||LOW|
|Privileges Required (PR):||NONE|
|User Interaction (UI):||REQUIRED|