CVE-2023-38826

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 25, 2023
Updated: Jan 3, 2024
CWE ID 79

Summary

CVE-2023-38826 is a Cross-Site Scripting (XSS) vulnerability affecting Follet Learning Solutions Destiny up to version 20.0_1U. Maliciously crafted input in the searchString parameter of the handlewpesearchform.do page can be executed in a user's browser, potentially allowing attackers to steal sensitive data, alter web pages, or carry out other malicious actions. This issue poses a significant risk to users and requires urgent attention and patching.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share