CVE-2024-25973
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-25973
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-25973.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-25973
- Published
- 2024-02-20T08:15:07Z
- Modified
- 2025-03-14T02:52:30.744477Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
The Frentix GmbH OpenOlat LMS is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities. An attacker with rights to create or edit groups can create a course with a name that contains an XSS payload. Furthermore, attackers with the permissions to create or rename a catalog (sub-category) can enter unfiltered input in the name field. In addition, attackers who are allowed to create curriculums can also enter unfiltered input in the name field. This allows an attacker to execute stored JavaScript code with the permissions of the victim in the context of the user's browser.
- References
Affected packages
Git / github.com/openolat/openolat
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openolat/openolat
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
OLAT-7.*
OLAT-7.1.0
OpenOLAT_10.*
OpenOLAT_10.0.0
OpenOLAT_10.0.1
OpenOLAT_10.0.2
OpenOLAT_10.0.3
OpenOLAT_10.0.4
OpenOLAT_10.0.5
OpenOLAT_10.0.6
OpenOLAT_10.0.7
OpenOLAT_10.0.8
OpenOLAT_10.0.9
OpenOLAT_10.1.0
OpenOLAT_10.1.1
OpenOLAT_10.1.2
OpenOLAT_10.1.3
OpenOLAT_10.2.0
OpenOLAT_10.2.1
OpenOLAT_10.2.2
OpenOLAT_10.2.3
OpenOLAT_10.2.4
OpenOLAT_10.2.5
OpenOLAT_10.3.0
OpenOLAT_10.3.1
OpenOLAT_10.3.2
OpenOLAT_10.3.3
OpenOLAT_10.3.4
OpenOLAT_10.3.5
OpenOLAT_10.3.6
OpenOLAT_10.3.7
OpenOLAT_10.3.8
OpenOLAT_10.4.0
OpenOLAT_10.4.1
OpenOLAT_10.4.10
OpenOLAT_10.4.11
OpenOLAT_10.4.2
OpenOLAT_10.4.3
OpenOLAT_10.4.4
OpenOLAT_10.4.5
OpenOLAT_10.4.6
OpenOLAT_10.4.7
OpenOLAT_10.4.8
OpenOLAT_10.4.9
OpenOLAT_10.5.0
OpenOLAT_10.5.1
OpenOLAT_10.5.2
OpenOLAT_10.5.3
OpenOLAT_10.5.4
OpenOLAT_10.5.5
OpenOLAT_10.5.6
OpenOLAT_10.5.7
OpenOLAT_10.5.8
OpenOLAT_10.5.9
OpenOLAT_11.*
OpenOLAT_11.0.10
OpenOLAT_11.0.2
OpenOLAT_11.0.3
OpenOLAT_11.0.4
OpenOLAT_11.0.5
OpenOLAT_11.0.6
OpenOLAT_11.0.7
OpenOLAT_11.0.8
OpenOLAT_11.0.9
OpenOLAT_11.0_0
OpenOLAT_11.0_1
OpenOLAT_11.1.0
OpenOLAT_11.1.1
OpenOLAT_11.1.2
OpenOLAT_11.2.0
OpenOLAT_11.2.1
OpenOLAT_11.2.2
OpenOLAT_11.2.3
OpenOLAT_11.2.4
OpenOLAT_11.3.0
OpenOLAT_11.3.1
OpenOLAT_11.3.2
OpenOLAT_11.3.3
OpenOLAT_11.4.0
OpenOLAT_11.4.1
OpenOLAT_11.4.2
OpenOLAT_11.4.3
OpenOLAT_11.5.0
OpenOLAT_11.5.1
OpenOLAT_11.5.2
OpenOLAT_11.5.3
OpenOLAT_11.5.4
OpenOLAT_11.5.5
OpenOLAT_12.*
OpenOLAT_12.0.0
OpenOLAT_12.0.1
OpenOLAT_12.0.2
OpenOLAT_12.1.0
OpenOLAT_12.1.1
OpenOLAT_12.1.2
OpenOLAT_12.1.3
OpenOLAT_12.1.4
OpenOLAT_12.1.5
OpenOLAT_12.2.0
OpenOLAT_12.2.1
OpenOLAT_12.2.2
OpenOLAT_12.2.3
OpenOLAT_12.2.4
OpenOLAT_12.2.5
OpenOLAT_12.2.6
OpenOLAT_12.2.7
OpenOLAT_12.2.8
OpenOLAT_12.3.0
OpenOLAT_12.3.1
OpenOLAT_12.3.2
OpenOLAT_12.3.3
OpenOLAT_12.4.0
OpenOLAT_12.4.1
OpenOLAT_12.4.2
OpenOLAT_12.4.3a
OpenOLAT_12.5.0
OpenOLAT_12.5.1
OpenOLAT_12.5.10
OpenOLAT_12.5.11
OpenOLAT_12.5.12
OpenOLAT_12.5.13
OpenOLAT_12.5.14
OpenOLAT_12.5.15
OpenOLAT_12.5.16
OpenOLAT_12.5.17
OpenOLAT_12.5.18
OpenOLAT_12.5.19
OpenOLAT_12.5.2
OpenOLAT_12.5.20
OpenOLAT_12.5.21
OpenOLAT_12.5.22
OpenOLAT_12.5.23
OpenOLAT_12.5.24
OpenOLAT_12.5.25
OpenOLAT_12.5.26
OpenOLAT_12.5.3
OpenOLAT_12.5.4
OpenOLAT_12.5.5
OpenOLAT_12.5.6
OpenOLAT_12.5.7
OpenOLAT_12.5.8
OpenOLAT_12.5.9
OpenOLAT_13.*
OpenOLAT_13.0.0
OpenOLAT_13.0.0beta1
OpenOLAT_13.0.0beta3
OpenOLAT_13.0.0beta4
OpenOLAT_13.0.0beta5
OpenOLAT_13.0.0beta6
OpenOLAT_13.0.0beta7
OpenOLAT_13.0.0beta8
OpenOLAT_13.0.0beta9
OpenOLAT_13.0.1
OpenOLAT_13.0.2
OpenOLAT_13.0.3
OpenOLAT_13.1.0
OpenOLAT_13.1.1
OpenOLAT_13.1.2
OpenOLAT_13.2.0
OpenOLAT_13.2.1
OpenOLAT_13.2.2
OpenOLAT_13.2.3
OpenOLAT_13.2.4
OpenOLAT_13.2.5
OpenOLAT_13.2.6
OpenOLAT_13.2.7
OpenOLAT_13.2.8
OpenOLAT_14.*
OpenOLAT_14.0.0
OpenOLAT_14.0.2
OpenOLAT_14.0.3
OpenOLAT_14.0.4
OpenOLAT_14.01
OpenOLAT_14.1.0
OpenOLAT_14.1.1
OpenOLAT_14.1.2
OpenOLAT_14.1.3
OpenOLAT_14.1.4
OpenOLAT_14.1.5
OpenOLAT_14.1.6
OpenOLAT_14.1.7
OpenOLAT_14.2.0
OpenOLAT_14.2.1
OpenOLAT_14.2.10
OpenOLAT_14.2.11
OpenOLAT_14.2.12
OpenOLAT_14.2.13
OpenOLAT_14.2.14
OpenOLAT_14.2.15
OpenOLAT_14.2.16
OpenOLAT_14.2.17
OpenOLAT_14.2.18
OpenOLAT_14.2.2
OpenOLAT_14.2.3
OpenOLAT_14.2.4
OpenOLAT_14.2.5
OpenOLAT_14.2.6
OpenOLAT_14.2.7
OpenOLAT_14.2.8
OpenOLAT_14.2.9
OpenOLAT_15.*
OpenOLAT_15.0.0
OpenOLAT_15.0.1
OpenOLAT_15.0.2
OpenOLAT_15.0.3
OpenOLAT_15.0.4
OpenOLAT_15.0.5
OpenOLAT_15.0.6
OpenOLAT_15.1.0
OpenOLAT_15.1.1
OpenOLAT_15.1.2
OpenOLAT_15.1.3
OpenOLAT_15.1.4
OpenOLAT_15.2.0
OpenOLAT_15.2.1
OpenOLAT_15.2.10
OpenOLAT_15.2.11
OpenOLAT_15.2.12
OpenOLAT_15.2.2
OpenOLAT_15.2.3
OpenOLAT_15.2.4
OpenOLAT_15.2.5
OpenOLAT_15.2.6
OpenOLAT_15.2.7
OpenOLAT_15.2.8
OpenOLAT_15.2.9
OpenOLAT_15.3.0
OpenOLAT_15.3.1
OpenOLAT_15.3.10
OpenOLAT_15.3.11
OpenOLAT_15.3.12
OpenOLAT_15.3.13
OpenOLAT_15.3.14
OpenOLAT_15.3.15
OpenOLAT_15.3.16
OpenOLAT_15.3.17
OpenOLAT_15.3.2
OpenOLAT_15.3.3
OpenOLAT_15.3.4
OpenOLAT_15.3.5
OpenOLAT_15.3.6
OpenOLAT_15.3.7
OpenOLAT_15.3.8
OpenOLAT_15.3.9
OpenOLAT_15.4.0
OpenOLAT_15.4.1
OpenOLAT_15.4.2
OpenOLAT_15.4.3
OpenOLAT_15.4.4
OpenOLAT_15.4.5
OpenOLAT_15.4.6
OpenOLAT_15.4.7
OpenOLAT_15.5.0
OpenOLAT_15.5.1
OpenOLAT_15.5.10
OpenOLAT_15.5.11
OpenOLAT_15.5.12
OpenOLAT_15.5.13
OpenOLAT_15.5.14
OpenOLAT_15.5.15
OpenOLAT_15.5.16
OpenOLAT_15.5.17
OpenOLAT_15.5.18
OpenOLAT_15.5.19
OpenOLAT_15.5.2
OpenOLAT_15.5.20
OpenOLAT_15.5.21
OpenOLAT_15.5.22
OpenOLAT_15.5.3
OpenOLAT_15.5.4
OpenOLAT_15.5.5
OpenOLAT_15.5.6
OpenOLAT_15.5.7
OpenOLAT_15.5.8
OpenOLAT_15.5.9
OpenOLAT_15.pre.0.a
OpenOLAT_15.pre.1
OpenOLAT_15.pre.2
OpenOLAT_15.pre.3
OpenOLAT_15.pre.4
OpenOLAT_15.pre.5
OpenOLAT_15.pre.6
OpenOLAT_15.pre.7
OpenOLAT_15.pre.8
OpenOLAT_15.pre.9
OpenOLAT_16.*
OpenOLAT_16.0.0
OpenOLAT_16.0.1
OpenOLAT_16.0.2
OpenOLAT_16.0.3
OpenOLAT_16.0.4
OpenOLAT_16.0.5
OpenOLAT_16.0.6
OpenOLAT_16.0.7
OpenOLAT_16.0.8
OpenOLAT_16.0.9
OpenOLAT_16.1.0
OpenOLAT_16.1.1
OpenOLAT_16.1.2
OpenOLAT_16.1.3
OpenOLAT_16.1.4
OpenOLAT_16.1.5
OpenOLAT_16.1.6
OpenOLAT_16.1.7
OpenOLAT_16.1.8
OpenOLAT_16.2.0
OpenOLAT_16.2.1
OpenOLAT_16.2.10
OpenOLAT_16.2.11
OpenOLAT_16.2.12
OpenOLAT_16.2.13
OpenOLAT_16.2.14
OpenOLAT_16.2.15
OpenOLAT_16.2.16
OpenOLAT_16.2.17
OpenOLAT_16.2.18
OpenOLAT_16.2.2
OpenOLAT_16.2.3
OpenOLAT_16.2.4
OpenOLAT_16.2.5
OpenOLAT_16.2.6
OpenOLAT_16.2.7
OpenOLAT_16.2.8
OpenOLAT_16.2.9
OpenOLAT_17.*
OpenOLAT_17.0.0
OpenOLAT_17.0.1
OpenOLAT_17.0.2
OpenOLAT_17.0.3
OpenOLAT_17.0.4
OpenOLAT_17.0.5
OpenOLAT_17.0.6
OpenOLAT_17.0.7
OpenOLAT_17.0.8
OpenOLAT_17.1.0
OpenOLAT_17.1.1
OpenOLAT_17.1.10
OpenOLAT_17.1.2
OpenOLAT_17.1.3
OpenOLAT_17.1.4
OpenOLAT_17.1.5
OpenOLAT_17.1.6
OpenOLAT_17.1.7
OpenOLAT_17.1.8
OpenOLAT_17.1.9
OpenOLAT_17.2.0
OpenOLAT_17.2.1
OpenOLAT_17.2.10
OpenOLAT_17.2.11
OpenOLAT_17.2.12
OpenOLAT_17.2.13
OpenOLAT_17.2.14
OpenOLAT_17.2.15
OpenOLAT_17.2.16
OpenOLAT_17.2.17
OpenOLAT_17.2.18
OpenOLAT_17.2.19
OpenOLAT_17.2.2
OpenOLAT_17.2.3
OpenOLAT_17.2.4
OpenOLAT_17.2.5
OpenOLAT_17.2.7
OpenOLAT_17.2.8
OpenOLAT_17.2.9
OpenOLAT_18.*
OpenOLAT_18.0.0
OpenOLAT_18.0.1
OpenOLAT_18.0.2
OpenOLAT_18.0.3
OpenOLAT_18.0.4
OpenOLAT_18.0.5
OpenOLAT_18.0.6
OpenOLAT_18.1.0
OpenOLAT_18.1.1
OpenOLAT_18.1.2
OpenOLAT_18.1.3
OpenOLAT_18.1.4
OpenOLAT_18.1.5
OpenOLAT_8.*
OpenOLAT_8.0
OpenOLAT_8.0.2
OpenOLAT_8.0.3
OpenOLAT_8.1
OpenOLAT_8.1.1
OpenOLAT_8.1.2
OpenOLAT_8.1.3
OpenOLAT_8.1.4
OpenOLAT_8.2.0
OpenOLAT_8.2.0beta
OpenOLAT_8.2.0beta2
OpenOLAT_8.2.1
OpenOLAT_8.3.0
OpenOLAT_8.3.1
OpenOLAT_8.3.2
OpenOLAT_8.3.3
OpenOLAT_8.3.4
OpenOLAT_8.3.5
OpenOLAT_8.4.0
OpenOLAT_8.4.0beta
OpenOLAT_8.4.1
OpenOLAT_8.4.2
OpenOLAT_8.4.3
OpenOLAT_8.4.4
OpenOLAT_9.*
OpenOLAT_9.0.0
OpenOLAT_9.0.1
OpenOLAT_9.0.2
OpenOLAT_9.0.3
OpenOLAT_9.0.4
OpenOLAT_9.0.5
OpenOLAT_9.0.6
OpenOLAT_9.1.0
OpenOLAT_9.1.1
OpenOLAT_9.1.2
OpenOLAT_9.2.0
OpenOLAT_9.2.1
OpenOLAT_9.3.0
OpenOLAT_9.3.1
OpenOLAT_9.3.2
OpenOLAT_9.3.3
OpenOLAT_9.3.4
OpenOLAT_9.3.5
OpenOLAT_9.4.0
OpenOLAT_9.4.1
OpenOLAT_9.4.2
OpenOLAT_9.4.3
OpenOLAT_9.4.4