CVE-2023-36484

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jun 29, 2023

Updated: Jul 7, 2023

CWE ID 79

Summary

CVE-2023-36484 is a newly identified Cross-Site Scripting (XSS) vulnerability affecting ILIAS versions 7.21, 8.0_beta1, and up to 8.2. This issue can be exploited through reflected attacks, meaning an attacker can inject malicious code into a web page and execute it on an unsuspecting user's browser. The consequence could lead to data theft, unauthorized access, or system manipulation. Users are strongly encouraged to update their ILIAS installations as soon as possible to mitigate this security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r0kMvf
https://www.cve.org/CVERecord?id=CVE-2023-36484
https://nvd.nist.gov/vuln/detail/CVE-2023-36484

Back to Vulnerability Database

CVE-2023-36484

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations