Security Advisory

CVE-2024-33527

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-21 15:01:37

Last updated 2025-02-13 15:52:42

Assigner mitre

State PUBLISHED

Description

A Stored Cross-site Scripting (XSS) vulnerability in the "Import of Users and login name of user" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.

← Browse all CVEs View on cve.org ↗