Security-Blog
Die Security-Gruppe informiert über behobene Sicherheitslücken in ILIAS
April 2026
Tokar, David [tokard], Wolf, Fabian [fwolf] - 21. Apr 2026, 16:30
Following 2 security issues have been resolved:
0047313: News: Unauthorized Access to News Settings
0047428: Text Subset Question: Stored XSS
· Link
Tokar, David [tokard], Wolf, Fabian [fwolf] - 21. Apr 2026, 16:00
Following 2 security issues have been resolved:
0047313: News: Unauthorized Access to News Settings
0047428: Text Subset Question: Stored XSS
· Link
March 2026
Tokar, David [tokard], Wolf, Fabian [fwolf] - 10. Mar 2026, 16:30
Following 3 security issues have been resolved:
0046459: SAML: Open redirect on logout
0046641: Survey: Stored XSS with TinyMCE
0046937: Auth: Logout via CSRF / Potential DoS (Regression)
· Link
Tokar, David [tokard], Wolf, Fabian [fwolf] - 10. Mar 2026, 16:00
Following 2 security issues have been resolved:
0046459: SAML: Open redirect on logout
0046641: Survey: Stored XSS with TinyMCE
· Link
January 2026
Tokar, David [tokard], Wolf, Fabian [fwolf] - 20. Jan 2026, 17:00
Following 2 security issues have been resolved:
0046643: Exercise: Stored XSS with TinyMCE
0046763: Chatroom: Potential DoS via memory exhaustion (CVE-2025-15284)
· Link