Description

Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affecting the user him/herself and social network friends.

Remediation

References

CVE-2020-23126

Related Vulnerabilities

Magento Cryptographic Issues Vulnerability (CVE-2019-7858)

WordPress Plugin WP Editor Cross-Site Scripting (1.2.6.2)

PHP Use After Free Vulnerability (CVE-2018-12882)

MySQL CVE-2014-4258 Vulnerability (CVE-2014-4258)

MyBB Improper Input Validation Vulnerability (CVE-2008-4930)

Severity

Medium

Classification

CVE-2020-23126 CWE-707

Tags

Missing Update Known Vulnerabilities