Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:25 a.m.9 views

CVE-2023-45869

ILIAS 7.25 2023-09-12 allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec function in the execQuoted method of the ilUtil class...

9CVSS6.6AI score0.00765EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/10/26 12:0 a.m.19 views

CVE-2023-45869

ILIAS 7.25 2023-09-12 allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec function in the execQuoted method of the ilUtil class...

9CVSS9.1AI score0.00765EPSS
Exploits1References2
CVE
CVE
added 2023/10/26 12:0 a.m.88 views

CVE-2023-45869

CVE-2023-45869 affects ILIAS 7.25 (2023-09-12). The issue resides in the ilUtil::execQuoted() function (via the exec() call) which lacks input sanitization, allowing any authenticated user to remotely execute arbitrary operating system commands when a highly privileged account loads an XSS payloa...

9CVSS8.8AI score0.00765EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/26 12:0 a.m.23 views

CVE-2023-45869

ILIAS 7.25 2023-09-12 allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec function in the execQuoted method of the ilUtil class...

9CVSS6.8AI score0.00765EPSS
Exploits1References2
Rows per page
Query Builder