URL has been copied successfully!
Lectora Desktop and Online XSS Vulnerability Enables JavaScript Injection
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Lectora Desktop and Online XSS Vulnerability Enables JavaScript Injection


Tags: , , , , ,

A critical cross-site scripting (XSS) vulnerability affecting both Lectora Desktop and Lectora Online has been disclosed, enabling attackers to inject JavaScript through crafted URL parameters. Discovered by security researcher Mohammad Jassim and documented by the CERT® Coordination Center on September 22, 2025, this flaw poses a risk of client-side code execution, session hijacking, and user […] The post Lectora Desktop and Online XSS Vulnerability Enables JavaScript Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/lectora-desktop-and-online-xss-vulnerability/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Zoom Workplace Apps Vulnerability Enables Malicious Script Injection Through XSS Flaws
  2. Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More
  3. 8 security risks overlooked in the rush to implement AI
  4. Apple iOS Activation Flaw Enables Injection of Unauthenticated XML Payloads