Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-31799 - Vulnerability Database

Chamilo

Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-31799

Medium

Reference: CVE-2023-31799

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-31799

Title: Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the system annnouncements parameter.