Chamilo Lms@1.11.10 Security Vulnerabilities and Issues — Chamilo Lms@1.11.10 CVE List

Lucene search

ChamiloChamilo Lms1.11.10

3 matches found

CVE•added 2021/11/03 5:15 p.m.•35 views

CVE-2020-23126

Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affecting the user him/herself and social network friends.

6.1CVSS6AI score0.00616EPSS

CVE•added 2021/05/06 1:15 p.m.•29 views

CVE-2020-23127

Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user.

8.8CVSS8.8AI score0.00187EPSS

CVE•added 2021/05/06 1:15 p.m.•26 views

CVE-2020-23128

Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.

4.9CVSS5.1AI score0.00189EPSS