CVE-2023-31800: XSS
First published: Tue May 09 2023(Updated: )
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Chamilo Chamilo Lms | =1.11.18 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-31800?
The severity of CVE-2023-31800 is medium.
How does the Cross Site Scripting vulnerability in Chamilo Lms v.1.11.18 occur?
The Cross Site Scripting vulnerability in Chamilo Lms v.1.11.18 occurs due to improper validation of the forum title parameter.
How can a local attacker exploit CVE-2023-31800?
A local attacker can exploit CVE-2023-31800 by executing arbitrary code through the forum title parameter.
What is the recommended version of Chamilo LMS to fix the CVE-2023-31800 vulnerability?
To fix the CVE-2023-31800 vulnerability, it is recommended to upgrade to Chamilo LMS version 1.11.19 or later.
Where can I find more information about the CVE-2023-31800 vulnerability?
More information about the CVE-2023-31800 vulnerability can be found at http://chamilo.com and https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-102-2023-04-11-Low-impact-Moderate-risk-XSS-in-forum-titles.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/chamilo
- canonical/chamilo chamilo lms
- version/chamilo chamilo lms/1.11.18