Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2023-3368
Command injection in /main/webservices/additional_webservices.php in Chamilo LMS lt v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters. This is a bypass of CVE-2023-34960.