Cross Site Scripting Vulnerability in Chamilo LMS by Chamilo

CVE-2023-31802

What is CVE-2023-31802?

A Cross Site Scripting vulnerability found in Chamilo LMS version 1.11.18 enables local attackers to exploit specific URL parameters such as skype and linedin_url to execute arbitrary code. This vulnerability raises significant security concerns, highlighting the need for timely updates and proper user input validation to mitigate risks.

References