Rustici.Software.SCORM.Engine.loadCode.XSS
Description
This indicates an attack attempt to exploit a Cross-Site Scripting Vulnerability in Rustici Software SCORM Engine.
The vulnerability is due to lack of validation of user-supplied inputs. Successful exploitation can lead to execution of script code in the context of the users browser.
Affected Products
Rustici Software SCORM Engine versions 20.1.x before 20.1.45.914
Rustici Software SCORM Engine versions 21.1.x before 21.1.7.219
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://support.scorm.com/hc/en-us/articles/6191663599259-Engine-and-Engine-Dispatch-20-1-45-914
https://support.scorm.com/hc/en-us/articles/4899839680155-Engine-and-Engine-Dispatch-21-1-7-219
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2022-09-19 | 22.396 | Default_action:pass:drop |
2022-09-08 | 22.388 | Sig Added |
2022-07-07 | 21.352 |