First published: Fri Dec 21 2018(Updated: )
Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Chamilo Chamilo Lms | =1.11.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-20327 is a vulnerability in Chamilo LMS version 1.11.8 that allows authenticated users to affect other users through XSS.
CVE-2018-20327 has a severity level of 5.4 (medium risk).
CVE-2018-20327 affects Chamilo LMS version 1.11.8 by allowing authenticated users to affect other users through XSS in the gradebook dependencies tool.
Authenticated users can exploit CVE-2018-20327 by taking advantage of specific conditions of permissions granted by administrators.
No, CVE-2018-20327 is considered a medium risk vulnerability due to the nature of the exploit.