Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2021-35413 - Vulnerability Database

Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2021-35413

High
Reference: CVE-2021-35413
Title: Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x allows authenticated attackers to execute arbitrary code via a crafted .htaccess file.