Description
error.php in ILIAS 5.2.x through 5.3.x before 5.3.4 allows XSS via the text of a PDO exception.
References (2)
Core 2
Core References
Patch x_refsource_misc
https://github.com/ILIAS-eLearning/ILIAS/commit/ca982e59d0b76c0374c9a7fd1acf2685ca57cf41
Release Notes, Vendor Advisory x_refsource_misc
https://www.ilias.de/docu/goto_docu_pg_116799_35.html
Scores
CVSS v3
6.1
EPSS
0.0027
EPSS Percentile
50.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
ilias/ilias
5.2.0 - 5.3.4
Published
May 18, 2018
Tracked Since
Feb 18, 2026