Описание
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 allow remote attackers to inject arbitrary HTML or web script via unspecified attack vectors, possibly including (1) calendar/myagenda.php, (2) document/document.php, (3) phpbb/newtopic.php, (4) tracking/userLog.php, and (5) wiki/page.php.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:claroline:claroline:1.7.7:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00558
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 allow remote attackers to inject arbitrary HTML or web script via unspecified attack vectors, possibly including (1) calendar/myagenda.php, (2) document/document.php, (3) phpbb/newtopic.php, (4) tracking/userLog.php, and (5) wiki/page.php.
EPSS
Процентиль: 68%
0.00558
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other