A Stored Cross-site Scripting (XSS) vulnerability in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with tutor privileges to inject arbitrary web script or HTML via XML file upload.
Metrics
Affected Vendors & Products
References
History
Mon, 04 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ilias
Ilias ilias |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:* | |
Vendors & Products |
Ilias
Ilias ilias |
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-11-04T16:35:27.985Z
Reserved:
Link: CVE-2024-33528
Vulnrichment
Updated: 2024-08-02T02:36:03.792Z
NVD
Status : Awaiting Analysis
Published: 2024-05-21T15:15:29.167
Modified: 2024-11-21T09:17:05.203
Link: CVE-2024-33528
Redhat
No data.