| Title | ui-lib Mentor LMS 1.1.1 Origin Validation Error |
|---|
| Description | A Cross-Origin Resource Sharing (CORS) vulnerability exists in Mentor Learning Management System version 1.1.1. The CORS configuration on the server does not properly restrict access to only trusted origins, allowing any external domain to make requests to the API. This affects all URLs of this product, and can lead to unauthorized data access, information disclosure, and potential further exploitation, thereby compromising the integrity and confidentiality of the system. |
|---|
| Source | ⚠️ https://github.com/PlsRevert/CVEs/issues/3 |
|---|
| User | JaredLoo (UID 89930) |
|---|
| Submission | 09/24/2025 08:37 (7 months ago) |
|---|
| Moderation | 10/04/2025 20:53 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 327185 [CodeCanyon/ui-lib Mentor LMS up to 1.1.1 API cross-domain policy] |
|---|
| Points | 20 |
|---|