Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-37162

Disclosure Date: August 25, 2022 (last updated February 24, 2025)
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS). An attacker can obtain javascript code execution by adding arbitrary javascript code in the 'Location' field of a calendar event.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0