{"id":"CVE-2018-10665","details":"ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to shib_logout.php and third-party demo files.","modified":"2026-04-10T04:04:01.079750Z","published":"2018-05-02T17:29:00.250Z","references":[{"type":"ADVISORY","url":"https://www.openbugbounty.org/reports/608858/"},{"type":"FIX","url":"https://github.com/ILIAS-eLearning/ILIAS/commit/3fe6aa778ca06080cf1b7303cbc458aa0c42392a"},{"type":"FIX","url":"https://github.com/ILIAS-eLearning/ILIAS/commit/c9c9211bd689f2dda02006159e69a856eae8944d"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ilias-elearning/ilias","events":[{"introduced":"0"},{"last_affected":"aad29de0e53aaa23980fa34f4c4f37a1182e04a2"},{"fixed":"3fe6aa778ca06080cf1b7303cbc458aa0c42392a"},{"fixed":"c9c9211bd689f2dda02006159e69a856eae8944d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.3.4"}]}}],"versions":["v5.1.0beta2","v5.3.0beta1","v5.3.0beta3","v5.3.0beta4","v5.3.2","v5.3.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10665.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}