4 matches found
Multiple Cross-Site Scripting (XSS) in Claroline
Advisory ID: HTB23179 Product: Claroline Vendor: Claroline Consortium Vulnerable Versions: 1.11.8 and probably prior Tested Version: 1.11.8 Advisory Publication: October 23, 2013 without technical details Vendor Notification: October 23, 2013 Vendor Patch: November 7, 2013 Public Disclosure:...
CVE-2013-6267
CVE-2013-6267 affects Claroline before 1.11.9, with multiple XSS vectors exposed by unsanitized user input in: box (messaging/messagebox.php), cidToEdit (admin/adminregisteruser.php and admin_user_course_settings.php), module_id (admin/module/module.php), and offset (admin/right/profile_list.php)...
Claroline 1.11.8 Cross Site Scripting
Advisory ID: HTB23179 Product: Claroline Vendor: Claroline Consortium Vulnerable Versions: 1.11.8 and probably prior Tested Version: 1.11.8 Advisory Publication: October 23, 2013 without technical details Vendor Notification: October 23, 2013 Vendor Patch: November 7, 2013 Public Disclosure:...
Claroline 1.11.8 Cross Site Scripting Vulnerability
Claroline version 1.11.8 suffers from multiple cross site scripting vulnerabilities. Vendor: Claroline Consortium Vulnerable Versions: 1.11.8 and probably prior Tested Version: 1.11.8 Advisory Publication: October 23, 2013 without technical details Vendor Notification: October 23, 2013 Vendor...