Cross-Site Scripting (XSS) vulnerability in ILIAS 5.1.x through 5.3.x before 5.3.4 in class.ilDateDurationInputGUI.php and class.ilDateTimeInputGUI.php

Cross-Site Scripting (XSS) vulnerability in ILIAS 5.1.x through 5.3.x before 5.3.4 in class.ilDateDurationInputGUI.php and class.ilDateTimeInputGUI.php

CVE-2018-10306 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Services/Form/classes/class.ilDateDurationInputGUI.php and Services/Form/classes/class.ilDateTimeInputGUI.php in ILIAS 5.1.x through 5.3.x before 5.3.4 allow XSS via an invalid date.

Learn more about our Web Application Penetration Testing UK.