RSS   Vulnerabilities for 'Ilias'   RSS

2017-10-17
 
CVE-2017-15538

CWE-79
 

 
Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php.

 
2017-04-07
 
CVE-2017-7583

CWE-79
 

 
ILIAS before 5.2.3 has XSS via SVG documents.

 


Copyright 2024, cxsecurity.com

 

Back to Top