CVE

CVE-2017-15538

admin

CVE-2017-15538

Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php.

Source: CVE-2017-15538

Exit mobile version