CVE-2022-29380

Name of the Vulnerable Software and Affected Versions Academy-LMS version 4.3

Description A stored cross-site scripting (XSS) issue was found in the SEO panel of Academy-LMS. This type of issue allows attackers to inject malicious scripts into content, which are then stored on the server and executed by the browser when other users access the affected page.

Recommendations For Academy-LMS version 4.3, update to a version that includes a fix for the stored cross-site scripting vulnerability in the SEO panel. As a temporary workaround, consider restricting access to the SEO panel to minimize the risk of exploitation.