CVE-2024-53791

Vulnerability

Details

The vulnerability is a DOM-based Cross-Site Scripting (XSS) in the Lenxel Core plugin for the Lenxel (LNX) LMS platform. It stems from improper neutralization of user input during web page generation, allowing an attacker to inject arbitrary JavaScript into the DOM of a victim's browser. The issue affects all versions of the plugin from n/a through 1.3.9 [1].

Exploitation

Exploitation requires user interaction, such as clicking a malicious link or visiting a crafted page. The attacker does not need elevated privileges to initiate the attack, but the victim must perform an action that triggers the injected script. This type of vulnerability is commonly used in mass-exploit campaigns targeting WordPress sites [1].

Impact

Successful exploitation allows an attacker to execute arbitrary scripts in the context of the victim's browser. This can lead to actions such as redirecting users to malicious sites, displaying unwanted advertisements, stealing session cookies, or defacing the website. The CVSS score of 6.5 (Medium) reflects the potential for significant harm, though user interaction is required [1].

Mitigation

The vendor has released a patched version; users are strongly advised to update the Lenxel Core plugin to the latest available version. If immediate updating is not possible, site administrators should consult their hosting provider or a web developer for assistance. No workarounds are documented [1].