Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Media objects after their release, which could allow arbitrary code to be executed within a sandbox...

Adobe Acrobat Reader DC EScript Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

ILIAS Media Objects Component Cross-Site Scripting Vulnerability

ILIAS is a Web-based learning management system developed by the ILIAS team. The system contains modules for course management, file sharing, live chat, etc. Media Objects component is one of the media object components. A cross-site scripting vulnerability exists in the Media Objects component i...

ILIAS < 5.1.21, 5.2.x < 5.2.9 XSS Vulnerability

ILIAS eLearning is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-15538

Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php...

CVE-2017-15538

Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php...

Cross site scripting

Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php...

CVE-2017-15538

CVE-2017-15538 affects ILIAS Media Objects. A stored XSS in the Media Objects component (setParameter in Services/MediaObjects/classes/class.ilMediaItem.php) allows an authenticated user to inject JavaScript and gain administrator privileges. Affected versions are ILIAS before 5.1.21 and 5.2.x be...

Mozilla Firefox HTMLVideoElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...