Scoold
by Scoold
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-50334 | Med | 0.35 | 5.3 | 0.01 | Oct 29, 2024 | Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data.… | ||
| CVE-2021-46372 | Med | 0.35 | 5.4 | 0.01 | Feb 18, 2022 | Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to a XSS attack when using uppercase letters. |
- risk 0.35cvss 5.3epss 0.01
Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data.…
- risk 0.35cvss 5.4epss 0.01
Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to a XSS attack when using uppercase letters.