CVE-2018-10428
Summary
| CVE | CVE-2018-10428 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-05-23 20:29:00 UTC |
| Updated | 2019-03-08 15:14:00 UTC |
| Description | ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of reflected cross-site-scripting. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityFocus | BUGTRAQ | www.securityfocus.com | Exploit, Third Party Advisory, VDB Entry |
| ILIAS 5.3.2 / 5.2.14 / 5.1.25 Cross Site Scripting ≈ Packet Storm | MISC | packetstormsecurity.com | Exploit, Third Party Advisory, VDB Entry |
| ILIAS E-Learning - Roadmap and Releases | CONFIRM | www.ilias.de | Release Notes |
| ILIAS E-Learning - Roadmap and Releases | CONFIRM | www.ilias.de | Release Notes |
| www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-007.txt | MISC | www.syss.de | Exploit, Third Party Advisory |
| ILIAS E-Learning | CONFIRM | www.ilias.de | Release Notes |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.