tslearning vulnerability

Itslearning vulnerability stories episode 3 is here. I want to add another stored xss to itslearning vulnerabilities list. Let’s do it!

This is an interesting vulnerability that triggers stored XSS. Itslearning has a kind of document sharing feature that helps people to share files to each other.

Normally, when you click the file, system automatically download this file. But If delete the last part – which is download parameter- of url, itslearning executes it!

The new Itslearning vulnerability Poc is here;


It was a good exercise to me. I really liked it actually.

Another XSS is kinda like earlier XSS on itslearning. Here is the PoC about it. It doesn’t need any explanation.