CVE-2018-5688

ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.

Date published : 2018-01-14

https://github.com/ILIAS-eLearning/ILIAS/commit/c0f326d05231072e33679b84835c03d5043255cb

https://www.ilias.de/docu/goto_docu_pg_75029_35.html