Description
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to improper sanitization of the keyword_active parameter in admin/user_list.php. This issue has been patched in version 1.11.30.
Remediation
References
Related Vulnerabilities
MongoDb Out-of-bounds Write Vulnerability (CVE-2026-9753)
WordPress Plugin Five Star Restaurant Menu-WordPress Ordering Remote Code Execution (2.2.0)
WordPress Plugin Feature Slideshow 'src' Parameter Cross-Site Scripting (1.0.6beta)
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2025-61795)
MediaWiki Resource Management Errors Vulnerability (CVE-2015-8003)