CVE-2024-25973

Public Exploit

Multiple Stored Cross-Site Scripting Vulnerabilities

Description

The Frentix GmbH OpenOlat LMS is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities. An attacker with rights to create or edit groups can create a course with a name that contains an XSS payload. Furthermore, attackers with the permissions to create or rename a catalog (sub-category) can enter unfiltered input in the name field. In addition, attackers who are allowed to create curriculums can also enter unfiltered input in the name field. This allows an attacker to execute stored JavaScript code with the permissions of the victim in the context of the user's browser.

Remediation

Solution:

The vendor provides a patched version 18.1.5 or higher for the mentioned vulnerabilities.

References

Link	Tags
https://r.sec-consult.com/openolat	third party advisory exploit
http://seclists.org/fulldisclosure/2024/Feb/23	exploit mailing list

Frequently Asked Questions

What is the severity of CVE-2024-25973?: CVE-2024-25973 has been scored as a medium severity vulnerability.
How to fix CVE-2024-25973?: To fix CVE-2024-25973: The vendor provides a patched version 18.1.5 or higher for the mentioned vulnerabilities.
Is CVE-2024-25973 being actively exploited in the wild?: It is possible that CVE-2024-25973 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-25973?: CVE-2024-25973 affects Frentix GmbH OpenOlat LMS.

Description

Remediation

Categories

CWE-20 – Improper Input Validation

CWE-79 – Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

References

Frequently Asked Questions