Description
admin/user_import.php in Chamilo 1.11.x reads XML data without disabling the ability to load external entities.
Remediation
References
Related Vulnerabilities
WordPress Plugin Judge.me Product Reviews for WooCommerce Cross-Site Scripting (1.3.20)
WordPress Plugin RB Agency Local File Disclosure (2.4.7)
MySQL CVE-2015-4767 Vulnerability (CVE-2015-4767)
WordPress Plugin ALO EasyMail Newsletter Multiple Vulnerabilities (2.6.00)
WordPress Plugin Zoho CRM Lead Magnet Cross-Site Scripting (1.6.9.1)