Chamilo Deserialization of Untrusted Data Vulnerability - CVE-2025-50198
Reference:
CVE-2025-50198
Title:
Chamilo Deserialization of Untrusted Data Vulnerability
Overview:
Chamilo is a learning management system. Prior to version 1.11.30 Chamilo is vulnerable to deserialization of untrusted data in /plugin/vchamilo/views/import.php via POST configuration_file POST course_path POST home_path parameters. This issue has been patched in version 1.11.30.