Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2023-4222 - Vulnerability Database

Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2023-4222

High
Reference: CVE-2023-4222
Title: Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Overview:

Command injection in main/lp/openoffice_text_document.class.php in Chamilo LMS lt v1.11.24 allows users permitted to upload Learning Paths to obtain remote code execution via improper neutralisation of special characters.