What is CVE-2024-3931 — XSS in Totara LMS?

CVE-2024-3931 is a cross-site scripting (XSS) vulnerability in Totara LMS versions 13.0–18.7, allowing attackers to inject malicious scripts via the admin/roles/check.php file.

Am I affected by CVE-2024-3931 in Totara LMS?

If you are using Totara LMS versions 13.0 through 18.7, you are potentially affected by this vulnerability. Upgrade to a patched version to mitigate the risk.

How do I fix CVE-2024-3931 in Totara LMS?

Upgrade Totara LMS to version 13.46, 14.38, 15.33, 16.27, 17.21, or 18.8. Back up your data before upgrading.

Is CVE-2024-3931 being actively exploited?

As of the current date, there is no confirmed evidence of active exploitation, but the vulnerability is publicly disclosed and a PoC may be available.

Where can I find the official Totara LMS advisory for CVE-2024-3931?

Refer to the official Totara LMS security advisory for detailed information and updates: [https://totaralms.com/security/](https://totaralms.com/security/)

CVE-2024-3931: XSS in Totara LMS

NEXTGUARD

Scan free

CVE-2024-3931: XSS in Totara LMS | NextGuard

Affected Software

Componenttotara-lms

VendorTotara

Affected rangeFixed in

13.0 – 13.013.0.1

13.1 – 13.113.1.1

13.2 – 13.213.2.1

13.3 – 13.313.3.1

13.4 – 13.413.4.1

13.5 – 13.513.5.1

13.6 – 13.613.6.1

13.7 – 13.713.7.1

13.8 – 13.813.8.1

13.9 – 13.913.9.1

13.10 – 13.1013.10.1

13.11 – 13.1113.11.1

13.12 – 13.1213.12.1

13.13 – 13.1313.13.1

13.14 – 13.1413.14.1

13.15 – 13.1513.15.1

13.16 – 13.1613.16.1

13.17 – 13.1713.17.1

13.18 – 13.1813.18.1

13.19 – 13.1913.19.1

13.20 – 13.2013.20.1

13.21 – 13.2113.21.1

13.22 – 13.2213.22.1

13.23 – 13.2313.23.1

13.24 – 13.2413.24.1

13.25 – 13.2513.25.1

13.26 – 13.2613.26.1

13.27 – 13.2713.27.1

13.28 – 13.2813.28.1

13.29 – 13.2913.29.1

13.30 – 13.3013.30.1

13.31 – 13.3113.31.1

13.32 – 13.3213.32.1

13.33 – 13.3313.33.1

13.34 – 13.3413.34.1

13.35 – 13.3513.35.1

13.36 – 13.3613.36.1

13.37 – 13.3713.37.1

13.38 – 13.3813.38.1

13.39 – 13.3913.39.1

13.40 – 13.4013.40.1

13.41 – 13.4113.41.1

13.42 – 13.4213.42.1

13.43 – 13.4313.43.1

13.44 – 13.4413.44.1

13.45 – 13.4513.45.1

14.0 – 14.014.0.1

14.1 – 14.114.1.1

14.2 – 14.214.2.1

14.3 – 14.314.3.1

14.4 – 14.414.4.1

14.5 – 14.514.5.1

14.6 – 14.614.6.1

14.7 – 14.714.7.1

14.8 – 14.814.8.1

14.9 – 14.914.9.1

14.10 – 14.1014.10.1

14.11 – 14.1114.11.1

14.12 – 14.1214.12.1

14.13 – 14.1314.13.1

14.14 – 14.1414.14.1

14.15 – 14.1514.15.1

14.16 – 14.1614.16.1

14.17 – 14.1714.17.1

14.18 – 14.1814.18.1

14.19 – 14.1914.19.1

14.20 – 14.2014.20.1

14.21 – 14.2114.21.1

14.22 – 14.2214.22.1

14.23 – 14.2314.23.1

14.24 – 14.2414.24.1

14.25 – 14.2514.25.1

14.26 – 14.2614.26.1

14.27 – 14.2714.27.1

14.28 – 14.2814.28.1

14.29 – 14.2914.29.1

14.30 – 14.3014.30.1

14.31 – 14.3114.31.1

14.32 – 14.3214.32.1

14.33 – 14.3314.33.1

14.34 – 14.3414.34.1

14.35 – 14.3514.35.1

14.36 – 14.3614.36.1

14.37 – 14.3714.37.1

15.0 – 15.015.0.1

15.1 – 15.115.1.1

15.2 – 15.215.2.1

15.3 – 15.315.3.1

15.4 – 15.415.4.1

15.5 – 15.515.5.1

15.6 – 15.615.6.1

15.7 – 15.715.7.1

15.8 – 15.815.8.1

15.9 – 15.915.9.1

15.10 – 15.1015.10.1

15.11 – 15.1115.11.1

15.12 – 15.1215.12.1

15.13 – 15.1315.13.1

15.14 – 15.1415.14.1

15.15 – 15.1515.15.1

15.16 – 15.1615.16.1

15.17 – 15.1715.17.1

15.18 – 15.1815.18.1

15.19 – 15.1915.19.1

15.20 – 15.2015.20.1

15.21 – 15.2115.21.1

15.22 – 15.2215.22.1

15.23 – 15.2315.23.1

15.24 – 15.2415.24.1

15.25 – 15.2515.25.1

15.26 – 15.2615.26.1

15.27 – 15.2715.27.1

15.28 – 15.2815.28.1

15.29 – 15.2915.29.1

15.30 – 15.3015.30.1

15.31 – 15.3115.31.1

15.32 – 15.3215.32.1

16.0 – 16.016.0.1

16.1 – 16.116.1.1

16.2 – 16.216.2.1

16.3 – 16.316.3.1

16.4 – 16.416.4.1

16.5 – 16.516.5.1

16.6 – 16.616.6.1

16.7 – 16.716.7.1

16.8 – 16.816.8.1

16.9 – 16.916.9.1

16.10 – 16.1016.10.1

16.11 – 16.1116.11.1

16.12 – 16.1216.12.1

16.13 – 16.1316.13.1

16.14 – 16.1416.14.1

16.15 – 16.1516.15.1

16.16 – 16.1616.16.1

16.17 – 16.1716.17.1

16.18 – 16.1816.18.1

16.19 – 16.1916.19.1

16.20 – 16.2016.20.1

16.21 – 16.2116.21.1

16.22 – 16.2216.22.1

16.23 – 16.2316.23.1

16.24 – 16.2416.24.1

16.25 – 16.2516.25.1

16.26 – 16.2616.26.1

17.0 – 17.017.0.1

17.1 – 17.117.1.1

17.2 – 17.217.2.1

17.3 – 17.317.3.1

17.4 – 17.417.4.1

17.5 – 17.517.5.1

17.6 – 17.617.6.1

17.7 – 17.717.7.1

17.8 – 17.817.8.1

17.9 – 17.917.9.1

17.10 – 17.1017.10.1

17.11 – 17.1117.11.1

17.12 – 17.1217.12.1

17.13 – 17.1317.13.1

17.14 – 17.1417.14.1

17.15 – 17.1517.15.1

17.16 – 17.1617.16.1

17.17 – 17.1717.17.1

17.18 – 17.1817.18.1

17.19 – 17.1917.19.1

17.20 – 17.2017.20.1

18.0 – 18.018.0.1

18.1 – 18.118.1.1

18.2 – 18.218.2.1

18.3 – 18.318.3.1

18.4 – 18.418.4.1

18.5 – 18.518.5.1

18.6 – 18.618.6.1

18.7 – 18.718.7.1

CVE-2024-3931: XSS in Totara LMS

Impact and Attack Scenarios

Exploitation Context

Threat Intelligence

Affected Software

Weakness Classification (CWE)

Timeline

Mitigation and Workarounds

How to fix

CVE Security Newsletter

Frequently asked questions

What is CVE-2024-3931 — XSS in Totara LMS?

Am I affected by CVE-2024-3931 in Totara LMS?

How do I fix CVE-2024-3931 in Totara LMS?

Is CVE-2024-3931 being actively exploited?

Where can I find the official Totara LMS advisory for CVE-2024-3931?

Is your project affected?