Ilias · Ilias · CVE-2018-5688
Name of the Vulnerable Software and Affected Versions:
ILIAS versions prior to 5.2.4
Description:
The issue concerns a problem with the displayHeader function in the Setup component, specifically in the setup/classes/class.ilSetupGUI.php file. It allows for XSS via the `cmd` parameter.
Recommendations:
For versions prior to 5.2.4, update to version 5.2.4 or later to resolve the issue.