CVE-2018-11117

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-11117
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-11117.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-11117
Published
2018-05-17T13:29:00.303Z
Modified
2026-04-10T04:04:19.145387Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XSS via a link attribute.

References

Affected packages

Git / github.com/ilias-elearning/ilias

Affected ranges

Type
GIT
Repo
https://github.com/ilias-elearning/ilias
Events
Introduced
1a4b8f71a3b4f5f753d847fa87258a214baeef06
Last affected
ba288e35eed9075df6088e216cfe370675b6b2a9
Introduced
b5e252d75801c5c0d47c40e773e502eb78f136bf
Last affected
c98fb5a727163f9416127a5e26c89c8eaa54dc0b
Introduced
a3f852a420235507d7cbe57d0e6c485667ab31cb
Last affected
aad29de0e53aaa23980fa34f4c4f37a1182e04a2
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1b17dca537848333034e07adcbb506fc611ddef6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fcda3f98c5edadbd79216c44656df5f3002991bf
Fixed
ff9bf29858f2dbffe828711a6f8bf37038c00d77
Database specific 
{
    "versions": [
        {
            "introduced": "5.1.0"
        },
        {
            "last_affected": "5.1.26"
        },
        {
            "introduced": "5.2.0"
        },
        {
            "last_affected": "5.2.15"
        },
        {
            "introduced": "5.3.0"
        },
        {
            "last_affected": "5.3.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.1.0-beta1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.2.0-beta1"
        }
    ]
}

Affected versions

v5.*
v5.1.0
v5.1.0beta1
v5.1.0beta2
v5.1.1
v5.1.10
v5.1.13
v5.1.14
v5.1.17
v5.1.18
v5.1.2
v5.1.21
v5.1.22
v5.1.23
v5.1.25
v5.1.26
v5.1.5
v5.1.6
v5.1.8
v5.1.9
v5.2.0
v5.2.0beta1
v5.2.13
v5.2.14
v5.2.15
v5.2.5
v5.2.7
v5.3.0beta1
v5.3.0beta3
v5.3.0beta4
v5.3.2
v5.3.4

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.2.0-beta2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.2.0-beta3"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-11117.json"