Description
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload.
Remediation
References
Related Vulnerabilities
MediaWiki Improper Input Validation Vulnerability (CVE-2013-6453)
MySQL CVE-2021-2178 Vulnerability (CVE-2021-2178)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20151)
WordPress Plugin Remote Upload Arbitrary File Upload (1.2.1)
WordPress Plugin User Photo 'user-photo.php' Arbitrary File Upload (0.9.4)