claroline-CVEs This repo describes several vulns found in Claroline Connect app, in its current version : 1357 RCE via arbitrary file upload (CVE-2022-37159) : githubcom/matthieu-hackwitharts/claroline-CVEs/blob/main/rce/rce_file_uploadmd 'Location' stored XSS (CVE-2022-37162) : githubcom/matthieu-hackwitharts/claroline-CVEs/blob/main/calendar_xs