CVE-2024-34241

Description

A cross-site scripting (XSS) vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course notifications.

References

https://grumpz.net/cve-2024-34241-a-step-by-step-discovery-guide

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3