First published: Thu Apr 06 2023(Updated: )
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Namaste! LMS plugin <= 2.5.9.1 versions.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Kibokolabs Namaste\! Lms | <2.5.9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-24383 is an authentication-required (admin+) stored Cross-Site Scripting (XSS) vulnerability in the Kiboko Labs Namaste! LMS plugin versions <= 2.5.9.1.
CVE-2023-24383 has a severity rating of medium, with a CVSS score of 4.8.
CVE-2023-24383 affects Kiboko Labs Namaste! LMS plugin versions <= 2.5.9.1, specifically requiring authentication as an admin or higher.
To fix CVE-2023-24383, update the Kiboko Labs Namaste! LMS plugin to version 2.5.9.2 or later.
The CWE for CVE-2023-24383 is CWE-79, which is a vulnerability related to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting' or 'XSS').