Security Advisory

CVE-2024-26140

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-20 21:47:08

Last updated 2024-08-01 23:59:32

Assigner GitHub_M

State PUBLISHED

Description

com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS. No known workarounds exist.

← Browse all CVEs View on cve.org ↗