Skip to main content

Idealms

2 CVEs product

Monthly

CVE-2022-31786 MEDIUM POC This Month

IdeaLMS 2022 allows reflected Cross Site Scripting (XSS) via the IdeaLMS/Class/Assessment/ PATH_INFO. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Idealms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-31788 CRITICAL POC THREAT Act Now

IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID= pathname. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Idealms
NVD GitHub
CVSS 3.1
9.8
EPSS
14.3%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

IdeaLMS 2022 allows reflected Cross Site Scripting (XSS) via the IdeaLMS/Class/Assessment/ PATH_INFO. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Idealms
NVD GitHub
EPSS 14% CVSS 9.8
CRITICAL POC THREAT Act Now

IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID= pathname. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Idealms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy