Cross Site Scripting (XSS) Vulnerability in Chamilo LMS v.1.11.18 via Crafted Payload in My Progress Function

Cross Site Scripting (XSS) Vulnerability in Chamilo LMS v.1.11.18 via Crafted Payload in My Progress Function

CVE-2023-31806 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function.

Learn more about our Web Application Penetration Testing UK.