Vulnerabilities > Chamilo > Chamilo LMS > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-03 | CVE-2021-35415 | Cross-site Scripting vulnerability in Chamilo LMS A stored cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the course "Title" and "Content" fields. | 3.5 |
| 2018-12-21 | CVE-2018-20327 | Cross-site Scripting vulnerability in Chamilo LMS 1.11.8 Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. | 3.5 |
| 2018-12-21 | CVE-2018-20328 | Cross-site Scripting vulnerability in Chamilo LMS 1.11.8 Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. | 3.5 |