Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2025-52482
Reference:
CVE-2025-52482
Title:
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
Chamilo is a learning management system. Prior to version 1.11.30 a Stored XSS vulnerability exists in the glossary function enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30.