Vulnerabilities > Chamilo > Chamilo LMS > 1.11.18
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-09 | CVE-2023-31806 | Cross-site Scripting vulnerability in Chamilo LMS 1.11.18 Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function. | 5.4 |
| 2023-05-09 | CVE-2023-31807 | Cross-site Scripting vulnerability in Chamilo LMS 1.11.18 Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the personal notes function. | 5.4 |
| 2022-04-15 | CVE-2022-27421 | Improper Input Validation vulnerability in Chamilo LMS Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin. | 7.2 |
| 2021-08-10 | CVE-2021-37390 | Cross-site Scripting vulnerability in Chamilo LMS A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature). | 6.1 |