CVE-2018-20328

Name of the Vulnerable Software and Affected Versions Chamilo LMS version 1.11.8

Description The issue allows authenticated users to affect other users under specific conditions of permissions granted by administrators. It is considered low risk due to the nature of the feature it exploits. The problem is related to the social groups tool in the main/social/group view.php file.

Recommendations For Chamilo LMS version 1.11.8, consider restricting access to the social groups tool until a fix is available, or apply specific configuration changes to limit the permissions that can be granted by administrators to mitigate the risk.