First published: Tue Aug 10 2021(Updated: )
A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Chamilo Chamilo Lms | <1.11.14 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-37390 is a reflected XSS vulnerability in Chamilo LMS version 1.11.14.
CVE-2021-37390 has a severity level of medium.
CVE-2021-37390 affects Chamilo LMS versions up to and including 1.11.14.
The CWE for CVE-2021-37390 is CWE-79, which refers to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
To fix CVE-2021-37390, it is recommended to update Chamilo LMS to a version higher than 1.11.14.