CVE-2022-38553

Name of the Vulnerable Software and Affected Versions Academy Learning Management System versions prior to 5.9.1

Description The issue is related to a reflected cross-site scripting (XSS) vulnerability. This vulnerability occurs via the Search parameter, allowing potential attackers to inject malicious scripts into the website. Cross-site scripting (XSS) is a type of security vulnerability that can allow an attacker to inject malicious code into a website, which can then be executed by the user's browser.

Recommendations For versions prior to 5.9.1, update to version 5.9.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Search parameter to minimize the risk of exploitation.