Description
Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section.
Remediation
References
Related Vulnerabilities
WordPress Plugin Button Widget Smartsoft Cross-Site Request Forgery (1.0.1)
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-24977)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5835)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2203)