A critical cross-site scripting (XSS) vulnerability affecting both Lectora Desktop and Lectora Online has been disclosed, enabling attackers to inject JavaScript through crafted URL parameters. Discovered by security researcher Mohammad Jassim and documented by the CERT® Coordination Center on September 22, 2025, this flaw poses a risk of client-side code execution, session hijacking, and user […]

The post Lectora Desktop and Online XSS Vulnerability Enables JavaScript Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/lectora-desktop-and-online-xss-vulnerability/