ILIAS before 7.16 allows XSS.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/170181/ILIAS-eLearning-7.15-Command-Injection-XSS-LFI-Open-Redirect.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2022/Dec/7 | Exploit Mailing List Third Party Advisory |
https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/ | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2022-12-07 01:15
Updated : 2024-02-28 19:51
NVD link : CVE-2022-45916
Mitre link : CVE-2022-45916
CVE.ORG link : CVE-2022-45916
JSON object : View
Products Affected
ilias
- ilias
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')