CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-52470

Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists in the session_category_add.php script. The vulnerability is caused by improper sanitization of the Category Name field, allowing privileged users to inject persistent JavaScript payloads. The injected script is later executed when accessing add_many_sessions_to_category.php, potentially compromising administrative sessions. This issue has been patched in version 1.11.30.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.0%

CVSS Severity

CVSS v3 Score 4.8

References

Products affected by CVE-2025-52470

Chamilo » Chamilo Lms » Version: 1.10.0

cpe:2.3:a:chamilo:chamilo_lms:1.10.0
Chamilo » Chamilo Lms » Version: 1.10.2

cpe:2.3:a:chamilo:chamilo_lms:1.10.2
Chamilo » Chamilo Lms » Version: 1.10.4

cpe:2.3:a:chamilo:chamilo_lms:1.10.4
Chamilo » Chamilo Lms » Version: 1.10.6

cpe:2.3:a:chamilo:chamilo_lms:1.10.6
Chamilo » Chamilo Lms » Version: 1.10.8

cpe:2.3:a:chamilo:chamilo_lms:1.10.8
Chamilo » Chamilo Lms » Version: 1.11.0

cpe:2.3:a:chamilo:chamilo_lms:1.11.0
Chamilo » Chamilo Lms » Version: 1.11.10

cpe:2.3:a:chamilo:chamilo_lms:1.11.10
Chamilo » Chamilo Lms » Version: 1.11.12

cpe:2.3:a:chamilo:chamilo_lms:1.11.12
Chamilo » Chamilo Lms » Version: 1.11.14

cpe:2.3:a:chamilo:chamilo_lms:1.11.14
Chamilo » Chamilo Lms » Version: 1.11.16

cpe:2.3:a:chamilo:chamilo_lms:1.11.16
Chamilo » Chamilo Lms » Version: 1.11.18

cpe:2.3:a:chamilo:chamilo_lms:1.11.18
Chamilo » Chamilo Lms » Version: 1.11.2

cpe:2.3:a:chamilo:chamilo_lms:1.11.2
Chamilo » Chamilo Lms » Version: 1.11.24

cpe:2.3:a:chamilo:chamilo_lms:1.11.24
Chamilo » Chamilo Lms » Version: 1.11.26

cpe:2.3:a:chamilo:chamilo_lms:1.11.26
Chamilo » Chamilo Lms » Version: 1.11.4

cpe:2.3:a:chamilo:chamilo_lms:1.11.4
Chamilo » Chamilo Lms » Version: 1.11.6

cpe:2.3:a:chamilo:chamilo_lms:1.11.6
Chamilo » Chamilo Lms » Version: 1.11.8

cpe:2.3:a:chamilo:chamilo_lms:1.11.8
Chamilo » Chamilo Lms » Version: 1.8.6.1

cpe:2.3:a:chamilo:chamilo_lms:1.8.6.1
Chamilo » Chamilo Lms » Version: 1.8.6.2

cpe:2.3:a:chamilo:chamilo_lms:1.8.6.2
Chamilo » Chamilo Lms » Version: 1.8.7

cpe:2.3:a:chamilo:chamilo_lms:1.8.7
Chamilo » Chamilo Lms » Version: 1.8.7.1

cpe:2.3:a:chamilo:chamilo_lms:1.8.7.1
Chamilo » Chamilo Lms » Version: 1.8.8

cpe:2.3:a:chamilo:chamilo_lms:1.8.8
Chamilo » Chamilo Lms » Version: 1.8.8.2

cpe:2.3:a:chamilo:chamilo_lms:1.8.8.2
Chamilo » Chamilo Lms » Version: 1.8.8.3

cpe:2.3:a:chamilo:chamilo_lms:1.8.8.3
Chamilo » Chamilo Lms » Version: 1.8.8.4

cpe:2.3:a:chamilo:chamilo_lms:1.8.8.4
Chamilo » Chamilo Lms » Version: 1.8.8.6

cpe:2.3:a:chamilo:chamilo_lms:1.8.8.6
Chamilo » Chamilo Lms » Version: 1.9.0

cpe:2.3:a:chamilo:chamilo_lms:1.9.0
Chamilo » Chamilo Lms » Version: 1.9.10

cpe:2.3:a:chamilo:chamilo_lms:1.9.10
Chamilo » Chamilo Lms » Version: 1.9.10.2

cpe:2.3:a:chamilo:chamilo_lms:1.9.10.2
Chamilo » Chamilo Lms » Version: 1.9.10.4

cpe:2.3:a:chamilo:chamilo_lms:1.9.10.4
Chamilo » Chamilo Lms » Version: 1.9.2

cpe:2.3:a:chamilo:chamilo_lms:1.9.2
Chamilo » Chamilo Lms » Version: 1.9.4

cpe:2.3:a:chamilo:chamilo_lms:1.9.4
Chamilo » Chamilo Lms » Version: 1.9.6

cpe:2.3:a:chamilo:chamilo_lms:1.9.6
Chamilo » Chamilo Lms » Version: 1.9.6.1

cpe:2.3:a:chamilo:chamilo_lms:1.9.6.1
Chamilo » Chamilo Lms » Version: 1.9.8

cpe:2.3:a:chamilo:chamilo_lms:1.9.8
Chamilo » Chamilo Lms » Version: 1.9.8.1

cpe:2.3:a:chamilo:chamilo_lms:1.9.8.1
Chamilo » Chamilo Lms » Version: 1.9.8.2

cpe:2.3:a:chamilo:chamilo_lms:1.9.8.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-52470

Products

Pricing

Contact Us