65 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to inject arbitrary web script or HTML by uploading an XML file with the xhtml extension, which is rendered inline as script. NOTE: this can be leveraged with CVE-2012-2244 to execut...
CVE-2024-33525
A Stored Cross-site Scripting XSS vulnerability in the "Import of organizational units and title of organizational unit" feature in ILIAS 7.20 to 7.29 and ILIAS 8.4 to 8.10 as well as ILIAS 9.0 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or...
CVE-2024-33526
A Stored Cross-site Scripting XSS vulnerability in the "Import of user role and title of user role" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload...
CVE-2024-33527
A Stored Cross-site Scripting XSS vulnerability in the "Import of Users and login name of user" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload...
CVE-2024-33528
A Stored Cross-site Scripting XSS vulnerability in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with tutor privileges to inject arbitrary web script or HTML via XML file upload...