CVE-2020-23128

Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:chamilo:chamilo_lms:1.11.10:*:*:*:*:*:*:*

Information

Published : 2021-05-06 06:15

Updated : 2021-05-11 12:41


NVD link : CVE-2020-23128

Mitre link : CVE-2020-23128


JSON object : View

CWE
CWE-269

Improper Privilege Management

Advertisement

dedicated server usa

Products Affected

chamilo

  • chamilo_lms