Lucene search

PRIOn knowledge basePRION:CVE-2023-37063

HistoryJul 07, 2023 - 5:15 p.m.

Design/Logic Flaw

2023-07-0717:15:00

PRIOn knowledge base

www.prio-n.com

chamilo

xss

admin privilege

careers

promotions

logic flaw

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.6%

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section.

CPENameOperatorVersion
chamiloge1.11.0
chamilole1.11.20

CPE	Name	Operator	Version
	chamilo	ge	1.11.0
	chamilo	le	1.11.20

References

github.com/chamilo/chamilo-lms/commit/546a18b0bd1446123f4e29f81f42e71b761f51b7

support.chamilo.org/projects/1/wiki/Security_issues