VYPR

Rocket LMS

by Rocketsoft

CVEs (2)

  • CVE-2024-34241MedMay 17, 2024
    risk 0.34cvss 4.8epss 0.01

    A cross-site scripting (XSS) vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course notifications.

  • CVE-2023-3477LowJun 30, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in RocketSoft Rocket LMS 1.7. It has been declared as problematic. This vulnerability affects unknown code of the file /contact/store of the component Contact Form. The manipulation of the argument name/subject/message leads to cross site scripting. The…