An XSS issue exists in the question-pool file-upload preview feature in ILIAS 6.4.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25267
Reference (s):
- https://medium.com/bugbountywriteup/exploiting-ilias-learning-management-system-4eda9e120620