Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2024-51142 - Vulnerability Database

Chamilo

Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2024-51142

Medium

Reference: CVE-2024-51142

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-51142

Title: Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows an attacker to execute arbitrary code via the svkey parameter of the storageapi.php file.