Description
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter.
Remediation
References
Related Vulnerabilities
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-5743)
MediaWiki CVE-2023-29137 Vulnerability (CVE-2023-29137)
OpenVPN AS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9104)
WordPress Plugin BadgeOS SQL Injection (3.7.1.2)
WordPress Plugin WordPress Poll Multiple SQL Injection and Security Bypass Vulnerabilities (34.04)