3 matches found
CVE-2008-3315
Multiple cross-site scripting XSS vulnerabilities in Claroline 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the 1 query string to a announcements/messages.php; b lostPassword.php and c profile.php in auth/; d calendar/myagenda.php; e group/group.php; f learningPath.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Claroline 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the 1 query string to a announcements/messages.php; b lostPassword.php and c profile.php in auth/; d calendar/myagenda.php; e group/group.php; f learningPath.php...
CVE-2006-3257
CVE-2006-3257 affects Claroline 1.7.7 with multiple XSS vulnerabilities enabling an attacker to inject arbitrary HTML/Script via several vectors (calendar/myagenda.php, document/document.php, phpbb/newtopic.php, tracking/userLog.php, wiki/page.php). Public data lists these vectors and notes poten...