← voltar
CVE-2017-15538

CVE-2017-15538

EPSS 0.9%
Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://openwall.com/lists/oss-security/2017/10/17/3https://github.com/ILIAS-eLearning/ILIAS/commit/b2a4660afec1e87d41c83c8e381f549bc6dfc70fhttps://lists.ilias.de/pipermail/ilias-admins/2017-October/000053.htmlhttps://www.ilias.de/docu/goto_docu_pg_75377_35.htmlhttps://www.ilias.de/docu/goto_docu_pg_75378_1719.html