CVE-2023-39061

2023-08-2117:15:48

Google

osv.dev

cve-2023-39061

cross site request forgery

chamilo v.1.11

remote authenticated attacker

arbitrary code execution

software vulnerability

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

35.1%

JSON

Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code.

References

chamilo.com

support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-123-2023-07-08-Moderate-impact-Moderate-risk-CSRF-through-admin-account-forum-posts