Описание
A Stored Cross-site Scripting (XSS) vulnerability in the "Import of organizational units and title of organizational unit" feature in ILIAS 7.20 to 7.29 and ILIAS 8.4 to 8.10 as well as ILIAS 9.0 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.
Ссылки
EPSS
Процентиль: 20%
0.00063
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.3
github
больше 1 года назад
A Stored Cross-site Scripting (XSS) vulnerability in the "Import of organizational units and title of organizational unit" feature in ILIAS 7.20 to 7.30 and ILIAS 8.4 to 8.10 as well as ILIAS 9.0 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.
EPSS
Процентиль: 20%
0.00063
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-79