Description
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section.
Remediation
References
Related Vulnerabilities
phpMyAdmin Other Vulnerability (CVE-2006-1258)
WordPress Plugin Customer Reviews for WooCommerce Multiple Vulnerabilities (5.3.5)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3546)
Jboss EAP XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2018-1000632)
WordPress Plugin WP Forum Server Cross-Site Scripting and SQL Injection Vulnerabilities (1.7.3)