Claroline 1.x admin/campusProblem.php view Parameter XSS

2014-07-01T00:00:00
ID SSV:83935
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/25521/info
   
Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities.
   
An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data, which may aid in further attacks.The attacker may also be able to execute arbitray code in the context of the webserver. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
   
Versions prior to Claroline 1.8.6 are vulnerable. 

http://www.example.com/admin/campusProblem.php?view=[XSS]