Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/03/02 3:49 p.m.3 views

CVE-2025-52475 Chamilo: Reflected XSS via keyword_inactive parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting XSS vulnerability in the admin/userlist.php endpoint. The keywordinactive parameter is not properly sanitized, allowing attackers to inject malicious JavaScript through a crafted URL. This...

5.1CVSS5.7AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/02 3:49 p.m.5 views

EUVD-2025-208176

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting XSS vulnerability in the admin/userlist.php endpoint. The keywordinactive parameter is not properly sanitized, allowing attackers to inject malicious JavaScript through a crafted URL. This...

5.1CVSS5.7AI score0.00187EPSS
Exploits0References3
OSV
OSV
added 2026/03/02 3:49 p.m.6 views

CVE-2025-52475 Chamilo: Reflected XSS via keyword_inactive parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting XSS vulnerability in the admin/userlist.php endpoint. The keywordinactive parameter is not properly sanitized, allowing attackers to inject malicious JavaScript through a crafted URL. This...

5.1CVSS5.7AI score0.00187EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/02 3:49 p.m.2 views

CVE-2025-52475

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting XSS vulnerability in the admin/userlist.php endpoint. The keywordinactive parameter is not properly sanitized, allowing attackers to inject malicious JavaScript through a crafted URL. This...

6.1CVSS5.7AI score0.00187EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/02 3:49 p.m.28 views

CVE-2025-52475 Chamilo: Reflected XSS via keyword_inactive parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting XSS vulnerability in the admin/userlist.php endpoint. The keywordinactive parameter is not properly sanitized, allowing attackers to inject malicious JavaScript through a crafted URL. This...

5.1CVSS0.00187EPSS
Exploits0References3
CVE
CVE
added 2026/03/02 3:49 p.m.11 views

CVE-2025-52475

CVE-2025-52475 affects Chamilo LMS before 1.11.30. A reflected XSS exists in the admin/user_list.php endpoint where the keyword_inactive parameter is not properly sanitized, allowing an attacker to inject JavaScript via a crafted URL. The issue is patched in version 1.11.30. No exploitation detai...

6.1CVSS5.7AI score0.00187EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.6 views

Chamilo 跨站脚本漏洞

Chamilo is an open-source learning management system developed by Chamilo. Versions of Chamilo prior to 1.11.30 had a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of the keywordinactive parameter in the admin/userlist.php file, which could lead to...

6.1CVSS5.6AI score0.00187EPSS
Exploits0References3
Rows per page
Query Builder