First published: Fri Sep 01 2023(Updated: )
SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Chamilo Chamilo Lms | >=1.11<=1.11.20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-39582 is a SQL Injection vulnerability in Chamilo LMS v.1.11 through v.1.11.20.
CVE-2023-39582 allows a remote privileged attacker to obtain sensitive information via the import sessions functions in Chamilo LMS v.1.11 through v.1.11.20.
CVE-2023-39582 has a severity score of 4.9, which is considered medium.
To fix CVE-2023-39582 in Chamilo LMS, you should apply the necessary patches or upgrades provided by Chamilo. It is important to keep your Chamilo LMS installation up to date.
You can find more information about CVE-2023-39582 at the following link: [Chamilo Security Issues](https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-126-2023-07-18-High-impact-Low-risk-SQL-injection-by-admin-users)