Description
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skills wheel parameter.
Remediation
References
Related Vulnerabilities
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17303)
Sqlite Use After Free Vulnerability (CVE-2020-13871)
Oracle Database Server CVE-2010-0867 Vulnerability (CVE-2010-0867)
Jenkins Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2017-2612)