CVE-2025-10388 | Selleo Mentingo 2025.08.27 Create New Course Basic Settings enroll-course Description cross site scripting

A vulnerability, which was classified as problematic, was found in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-10388. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More