CVE-2023-38826
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Published Dec 25, 2023
Updated: Jan 3, 2024
CWE ID 79
Summary
CVE-2023-38826 is a Cross-Site Scripting (XSS) vulnerability affecting Follet Learning Solutions Destiny up to version 20.0_1U. Maliciously crafted input in the searchString parameter of the handlewpesearchform.do page can be executed in a user's browser, potentially allowing attackers to steal sensitive data, alter web pages, or carry out other malicious actions. This issue poses a significant risk to users and requires urgent attention and patching.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Follett Learning