Description
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin.
Remediation
References
Related Vulnerabilities
WordPress Plugin Goolytics-Simple Google Analytics Cross-Site Scripting (1.1.1)
b2evolution Improper Input Validation Vulnerability (CVE-2017-1000423)
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.21)
WordPress Plugin StoryChief Cross-Site Scripting (1.0.30)
Moodle Improper Access Control Vulnerability (CVE-2025-62393)