EIP-2026-105881
PRE-CVEClaroline 1.10 - Multiple HTML Injection Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-105881. PoCs published by AutoSec Tools.
AI-analyzed exploit summary The provided code demonstrates an HTML injection vulnerability in Claroline 1.10, where user-supplied input is not properly sanitized, allowing arbitrary script execution in the context of the affected browser. The PoC includes a simple XSS payload (`"><script>alert(0)</script>`) that triggers an alert dialog.
Description
Claroline 1.10 - Multiple HTML Injection Vulnerabilities
Exploits (1)
The provided code demonstrates an HTML injection vulnerability in Claroline 1.10, where user-supplied input is not properly sanitized, allowing arbitrary script execution in the context of the affected browser. The PoC includes a simple XSS payload (`"><script>alert(0)</script>`) that triggers an alert dialog.