Description
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 allow remote attackers to inject arbitrary HTML or web script via unspecified attack vectors, possibly including (1) calendar/myagenda.php, (2) document/document.php, (3) phpbb/newtopic.php, (4) tracking/userLog.php, and (5) wiki/page.php.
Remediation
References
Related Vulnerabilities
MySQL CVE-2022-21589 Vulnerability (CVE-2022-21589)
Jboss EAP CVE-2013-4210 Vulnerability (CVE-2013-4210)
Ruby Improper Input Validation Vulnerability (CVE-2013-1821)
WordPress Plugin Nextend Facebook Connect Cross-Site Scripting (1.5.0)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1903)