Breaking ILIAS #1: From Open Redirect to Admin
We describe two vulnerabilities in the learning management platform ILIAS that we found as part of a recent client engagement. Exploiting a stored XSS we achieve command execution as root.
We describe two vulnerabilities in the learning management platform ILIAS that we found as part of a recent client engagement. Exploiting a stored XSS we achieve command execution as root.