2 matches found
CVE-2024-30618
A Stored Cross-Site Scripting XSS Vulnerability in Chamilo LMS 1.11.26 allows a remote attacker to execute arbitrary JavaScript in a web browser by including a malicious payload in the 'content' parameter of 'grouptopics.php'...
CVE-2024-30618
CVE-2024-30618 is a Stored XSS in Chamilo LMS 1.11.26 triggered by a malicious payload in the content parameter of group_topics.php. Impact is to execute JavaScript in a victim’s browser (confidentiality/integrity) with network access and user interaction required. Root cause is insufficient inpu...