exploitDog

CVE-2018-5688

Опубликовано: 14 янв. 2018

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.

Ссылки

https://github.com/ILIAS-eLearning/ILIAS/commit/c0f326d05231072e33679b84835c03d5043255cb
Patch
https://www.exploit-db.com/exploits/43595/
Exploit
Third Party Advisory
VDB Entry
https://www.ilias.de/docu/goto_docu_pg_75029_35.html
Release Notes
https://github.com/ILIAS-eLearning/ILIAS/commit/c0f326d05231072e33679b84835c03d5043255cb
Patch
https://www.exploit-db.com/exploits/43595/
Exploit
Third Party Advisory
VDB Entry
https://www.ilias.de/docu/goto_docu_pg_75029_35.html
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*

Версия до 5.2.4 (исключая)

EPSS

Процентиль: 87%

0.0353

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2018-5688

CVSS3: 6.1

debian

около 8 лет назад

ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader ...

GHSA-7q4p-hfw9-98qc

CVSS3: 6.1

github

больше 3 лет назад

ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.

EPSS

Процентиль: 87%

0.0353

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79