Ilias Open Source E Learning Platform · Ilias · CVE-2018-10665
**Name of the Vulnerable Software and Affected Versions**
ILIAS version 5.3.4
**Description**
The issue is related to an XSS vulnerability due to unsanitized output of `PHP SELF`, specifically affecting files such as `shib logout.php` and certain third-party demo files.
**Recommendations**
For ILIAS version 5.3.4, update to a version that addresses this issue, as using unsanitized output of `PHP SELF` can lead to security risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.