PT-2026-34630 · Three Learning · Koollab Learning Management System
Justin Ng
·
Published
2026-04-23
·
Updated
2026-04-23
·
CVE-2026-3007
CVSS v3.1
5.4
Medium
| AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Successful exploitation of the stored cross-site scripting (XSS) vulnerability could allow an attacker to execute arbitrary JavaScript on any user account that has access to Koollab LMS’ courselet feature.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Koollab Learning Management System