Vulnerabilities > Claroline > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-25 | CVE-2022-37160 | Cross-site Scripting vulnerability in Claroline Claroline 13.5.7 and prior allows an authenticated attacker to elevate privileges via the arbitrary creation of a privileged user. | 5.4 |
| 2022-08-25 | CVE-2022-37161 | Cross-site Scripting vulnerability in Claroline Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload. | 6.1 |
| 2022-08-25 | CVE-2022-37162 | Cross-site Scripting vulnerability in Claroline Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS). | 5.4 |