CVE-2025-52470
CVE-2025-52470 affects Chamilo LMS prior to version 1.11.30. It is a stored XSS vulnerability in session_category_add.php where improper sanitization of the Category Name allows privileged users to inject persistent JavaScript payloads. The injected script can execute when administrators access a...