Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Chamilo Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability - CVE-2025-52564 - Vulnerability Database
Chamilo

Chamilo Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability - CVE-2025-52564

Medium
Reference: CVE-2025-52564
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-52564
Title: Chamilo Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability
Overview:

Chamilo is a learning management system. Prior to version 1.11.30 the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML such as underlined text via a crafted URL. This issue has been patched in version 1.11.30.