CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-11345

A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgrading the affected component is advised.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.4%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 6.5

References

https://docu.ilias.de/go/blog/15821/882
https://vuldb.com/?ctiid.327230
https://vuldb.com/?id.327230
https://vuldb.com/?submit.664891

Products affected by CVE-2025-11345

Ilias » Ilias » Version: 10.1

cpe:2.3:a:ilias:ilias:10.1
Ilias » Ilias » Version: 8.23

cpe:2.3:a:ilias:ilias:8.23
Ilias » Ilias » Version: 9.13

cpe:2.3:a:ilias:ilias:9.13

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-11345

Products

Pricing

Contact Us