First published: Fri Jul 07 2023(Updated: )
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Chamilo Chamilo | >=1.11.0<=1.11.20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-37067 is a vulnerability in Chamilo 1.11.x up to 1.11.20 that allows users with admin privilege account to insert XSS in the classes/usergroups management section.
CVE-2023-37067 has a severity score of 4.8, which is considered medium.
Chamilo versions 1.11.x up to 1.11.20 are affected by CVE-2023-37067.
An attacker with admin privilege account can exploit CVE-2023-37067 by inserting XSS in the classes/usergroups management section.
Yes, a fix for CVE-2023-37067 is available. It is recommended to update to a version of Chamilo that is not affected by the vulnerability.