Description
A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary commands on victim hosts via user interaction with a crafted URL.
Remediation
References
Related Vulnerabilities
Python Files or Directories Accessible to External Parties Vulnerability (CVE-2019-13404)
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2022-34253)
WordPress Plugin Wp-ImageZoom 'file' Parameter Information Disclosure (1.0.3)