Arbitrary Code Execution via Personal Data Import in ILIAS
CVE-2020-23996 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
A local file inclusion vulnerability in ILIAS before 5.3.19, 5.4.10 and 6.0 allows remote authenticated attackers to execute arbitrary code via the import of personal data.
Learn more about our Web Application Penetration Testing UK.