CVE-2020-25268

High

Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data.

mitre·CWE-88·Published 2020-11-10

CVSS

8.8

EPSS

0.02

KEV

Exploits

cve.orgen

136 chars

Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data.

NVDen

136 chars

Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data.

NVDes

181 chars

Una ejecución de código remota, puede ocurrir por medio de la fuente de noticias externa en ILIAS versión 6.4, debido a un saneamiento incorrecto de parámetros para datos Magpie RSS

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.5	8.0	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H