Lucene search
GoogleOSV:CVE-2017-15538HistoryOct 17, 2017 - 8:29 p.m.
CVE-2017-15538
2017-10-1720:29:00
Google
osv.dev
5
Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ilias | eq | 4.4.6 | |
| ilias | eq | 5.0.0 | |
| ilias | eq | 5.1.0beta2 | |
| ilias | eq | 5.2.0 | |
| ilias | eq | 5.3.0beta1 | |
| ilias | eq | 5.0.0_beta2 | |
| ilias | eq | 4.3.9 | |
| ilias | eq | 5.1.0 | |
| ilias | eq | 5.1.0beta1 | |
| ilias | eq | 5.2.0beta1 |
Related
openvas
openvas
ILIAS < 5.1.21, 5.2.x < 5.2.9 XSS Vulnerability
2017-10-20 00:00:00
cve
cve
CVE-2017-15538
2022-10-03 16:23:35
prion
prion
Cross site scripting
2017-10-17 20:29:00
nvd
nvd
CVE-2017-15538
2017-10-17 20:29:00
cvelist
cvelist
CVE-2017-15538
2022-10-03 16:23:35