Main Banks Non-banking financial sector Cyber fraud

CVE-2018-16173

Cross-site scripting vulnerability in LearnPress prior to version 3.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

    Product

  • thimpress learnpress 1.0
  • thimpress learnpress 2.0.6
  • thimpress learnpress 2.0.9
  • thimpress learnpress 2.1.0
  • thimpress learnpress 2.1.3
  • thimpress learnpress 2.1.4
  • thimpress learnpress 2.1.5.2
  • thimpress learnpress 2.1.5.3
  • thimpress learnpress 2.1.6
  • thimpress learnpress 2.1.7
  • thimpress learnpress 2.1.8
  • thimpress learnpress 3.0.0

Score

4.3

Source

http://nvd.nist.gov

Access-complexity

MEDIUM

Access-vector

NETWORK