Claroline Other Vulnerability - CVE-2005-1374
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1 and possibly Dokeos allow remote attackers to inject arbitrary web script or HTML via (1) exercise_result.php (2) exercice_submit.php (3) agenda.php (4) learningPathList.php (5) learningPathAdmin.php (6) learningPath.php (7) userLog.php (8) tool parameter to toolaccess_details.php (9) data parameter to user_access_details.php or (10) coursePath parameter to myagenda.php.