Vulnerability Details CVE-2023-37065
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.2%
CVSS Severity
CVSS v3 Score 4.8
References
- https://github.com/chamilo/chamilo-lms/commit/da61f287d2e508a5e940953b474051d0f21e91c0
- https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-118-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-session-category-management
- https://github.com/chamilo/chamilo-lms/commit/da61f287d2e508a5e940953b474051d0f21e91c0
- https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-118-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-session-category-management
Products affected by CVE-2023-37065
-
cpe:2.3:a:chamilo:chamilo:1.11.0
-
cpe:2.3:a:chamilo:chamilo:1.11.10
-
cpe:2.3:a:chamilo:chamilo:1.11.12
-
cpe:2.3:a:chamilo:chamilo:1.11.14
-
cpe:2.3:a:chamilo:chamilo:1.11.16
-
cpe:2.3:a:chamilo:chamilo:1.11.18
-
cpe:2.3:a:chamilo:chamilo:1.11.2
-
cpe:2.3:a:chamilo:chamilo:1.11.20
-
cpe:2.3:a:chamilo:chamilo:1.11.4
-
cpe:2.3:a:chamilo:chamilo:1.11.6
-
cpe:2.3:a:chamilo:chamilo:1.11.8