NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-3007

Summary	Successful exploitation of the stored cross-site scripting (XSS) vulnerability could allow an attacker to execute arbitrary JavaScript on any user account that has access to Koollab LMS’ courselet feature.
Publication Date	April 23, 2026, 1:16 p.m.
Registration Date	April 25, 2026, 4:06 a.m.
Last Update	April 24, 2026, 11:50 p.m.

CVSS3.1 : MEDIUM
スコア	5.4
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	低
利用者の関与(UI)	要
影響の想定範囲(S)	変更あり
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	なし

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2026-042/	5f57b9bf-260d-4433-bf07-b6a79e9bb7d4

Common Vulnerabilities List