Unknown · Koollab Lms · CVE-2026-3007
**Name of the Vulnerable Software and Affected Versions**
Koollab LMS (affected versions not specified)
**Description**
A stored cross-site scripting (XSS) issue exists within the courselet feature. This flaw allows an attacker to execute arbitrary JavaScript on any user account that has access to this feature.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.