Description
Cross-site scripting (XSS) vulnerability in claroline/linker/notfound.php in Claroline 1.8.11 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.
Remediation
References
Related Vulnerabilities
Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212)
WordPress Plugin Catch Import Export Security Bypass (1.8)
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41305)
WordPress Plugin SKU Shortlink For WooCommerce Arbitrary File Disclosure (1.3.4)