A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature).
References
Link | Resource |
---|---|
https://github.com/chamilo/chamilo-lms/commit/3fcc751d5cc7da311532a8756fba5a8778f50ca0 | Patch Third Party Advisory |
https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chamilo-lms-1.11.14-xss-vulnerabilities | Exploit Third Party Advisory |
Configurations
Information
Published : 2021-08-10 13:15
Updated : 2021-08-17 08:36
NVD link : CVE-2021-37390
Mitre link : CVE-2021-37390
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
chamilo
- chamilo_lms