Unrated severityOSV Advisory· Published Jan 28, 2026· Updated Mar 5, 2026
ILIAS Learning Management System 4.3 - SSRF
CVE-2020-36944
Description
ILIAS Learning Management System 4.3 contains a server-side request forgery vulnerability that allows attackers to read local files through portfolio PDF export functionality. Attackers can inject a script that uses XMLHttpRequest to retrieve local file contents when the portfolio is exported to PDF.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/49148mitreexploit
- www.vulncheck.com/advisories/ilias-learning-management-system-ssrfmitrethird-party-advisory
- www.ilias.demitreproduct
News mentions
0No linked articles in our index yet.