Fabian Schmid

2 exploits Active since May 2018
CVE-2018-10665 WRITEUP MEDIUM WRITEUP
ILIAS 5.3.4 - Cross-Site Scripting via PHP_SELF in shib_logout.php
ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to shib_logout.php and third-party demo files.
CVSS 6.1
CVE-2020-23995 WRITEUP MEDIUM WRITEUP
ILIAS <5.3.19, 5.4.12, 6.0 - Info Disclosure
An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authenticated attackers to get the upload data path via a workspace upload.
CVSS 6.5