PT-2022-23848 · Claroline · Claroline

Name of the Vulnerable Software and Affected Versions: Claroline versions 13.5.7 and prior Description: The issue allows an authenticated attacker to elevate privileges via the arbitrary creation of a privileged user. This can be achieved by combining an XSS vulnerability present in several uploa...