Filtered by vendor Wwnorton
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-32809 | 1 Wwnorton | 1 Inquizitive | 2025-10-30 | N/A | 6.4 MEDIUM |
| W. W. Norton InQuizitive through 2025-04-08 allows students to conduct stored XSS attacks against educators via a bonus description, feedback.choice_fb[], or question_id. | |||||
| CVE-2025-32808 | 1 Wwnorton | 1 Inquizitive | 2025-10-30 | N/A | 7.7 HIGH |
| W. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their quiz performance into the backend, because only client-side access control exists. | |||||