Description
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function.
Remediation
References
Related Vulnerabilities
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4825)
WordPress Plugin Google Pagespeed Insights Cross-Site Scripting (3.0.0)
WordPress Improper Privilege Management Vulnerability (CVE-2019-20043)
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2020-1967)
WordPress Plugin Listing, Classified Ads & Business Directory-uListing Arbitrary File Upload (1.2.1)