Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS allows Object

链接： https://github.com/advisories/GHSA-6v2j-8xmf-qhjc

CVSS 评分： 9.8

参考链接：

https://nvd.nist.gov/vuln/detail/CVE-2025-30973
https://patchstack.com/database/wordpress/plugin/coschool/vulnerability/wordpress-coschool-lms-1-4-3-php-object-injection-vulnerability?_s_id=cve
https://github.com/advisories/GHSA-6v2j-8xmf-qhjc

描述：

Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS allows Object Injection. This issue affects CoSchool LMS: from n/a through 1.4.3.

安全公告

#Github Advisory

Deserialization of Untrusted Data vulnerability in Codexpert, Inc CoSchool LMS allows Object

http://example.com/2025/07/16/github_2866307236/

作者

lianccc

发布于

2025年7月16日

许可协议

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 上一篇

Unrestricted Upload of File with Dangerous Type vulnerability in Adrian Tobey Groundhogg allows 下一篇