This is the third and final vulnerability found over a longer period of time in Xerte (for now?). This happened about a year after the previous vulnerabilities. Because of this, a lot of fixes and improvements had been applied to […]
Tag: RCE
Unauthenticated file upload to Remote Code Execution in Xerte
So this is the second part of three vulnerability’s found over a longer period of time in Xerte. The vulnerability was a Unauthenticated file upload to Remote Code Execution (RCE). “Xerte is an award-winning suite of browser-based tools that allow […]
Reflected XSS in Xerte
So this is part of three vulnerability’s found over a longer period of time, the first one is reflected XSS. “Xerte is an award-winning suite of browser-based tools that allow anyone with a web browser to create interactive learning materials […]