Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows an attacker to arbitrarily create a page.
- https://github.com/OpenXP-Research/CVE-2022-47131
- https://portswigger.net/web-security/csrf
- https://portswigger.net/web-security/csrf/xss-vs-csrf
- https://www.linkedin.com/in/xvinicius/
- https://xpsec.co/blog/academy-lms-5-10-add-page-csrf-xss
- https://github.com/OpenXP-Research/CVE-2022-47131