CVE-2022-37159

Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload...

Claroline 跨站脚本漏洞

Claroline is an open source learning management system from Claroline Open Source. A security vulnerability exists in Claroline version 13.5.7 and earlier versions, which stems from a cross-site scripting XSS attack via SVG file uploads...

PT-2022-23848 · Claroline · Claroline

Name of the Vulnerable Software and Affected Versions: Claroline versions 13.5.7 and prior Description: The issue allows an authenticated attacker to elevate privileges via the arbitrary creation of a privileged user. This can be achieved by combining an XSS vulnerability present in several uploa...