CVE-2018-5688
MEDIUMILIAS < 5.2.4 - Cross-Site Scripting via Setup Component cmd Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2018-5688. PoCs published by Florian Kunushevci.
AI-analyzed exploit summary This exploit demonstrates a reflected XSS vulnerability in ILIAS CMS versions before 5.2.4. The vulnerability is triggered via the 'cmd' parameter in the setup.php file, allowing arbitrary JavaScript execution.
Description
ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Florian Kunushevci · textwebappsphp
https://www.exploit-db.com/exploits/43595
This exploit demonstrates a reflected XSS vulnerability in ILIAS CMS versions before 5.2.4. The vulnerability is triggered via the 'cmd' parameter in the setup.php file, allowing arbitrary JavaScript execution.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
ILIAS CMS < 5.2.4
No auth needed
Prerequisites:
Access to the setup.php endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/43595/
Release Notes x_refsource_confirm
https://www.ilias.de/docu/goto_docu_pg_75029_35.html
Patch x_refsource_confirm
https://github.com/ILIAS-eLearning/ILIAS/commit/c0f326d05231072e33679b84835c03d5043255cb
Scores
CVSS v3
6.1
EPSS
0.0334
EPSS Percentile
87.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
ilias/ilias
< 5.2.4
Published
Jan 14, 2018
Tracked Since
Feb 18, 2026