Description
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gmedia Photo Gallery Multiple Cross-Site Scripting Vulnerabilities (1.18.4)
PHP Out-of-bounds Write Vulnerability (CVE-2016-5399)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)
PHP Other Vulnerability (CVE-2006-4023)
Chamilo Improper Handling of Case Sensitivity Vulnerability (CVE-2023-3545)