Description

chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulnerability in /plugin/jcapture/applet.php if an attacker passes a message hex2bin in the cookie.

Remediation

References

CVE-2021-43687

Related Vulnerabilities

WordPress Plugin Contact Form DB CSV Injection (2.10.32)

Moodle Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25978)

WordPress Plugin Ultimate WordPress Auction Multiple Vulnerabilities (4.0.5)

WordPress Plugin FPW Category Thumbnails Multiple Unspecified Vulnerabilities (1.6.7)

WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Cross-Site Scripting (2.10.3)

Severity

Medium

Classification

CVE-2021-43687 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities