PT-2022-11296 · Unknown · Chamilo Lms
Febinj
·
Published
2022-03-21
·
Updated
2022-11-24
·
CVE-2021-40662
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Chamilo LMS version 1.11.14
Description
A Cross-Site Request Forgery (CSRF) issue allows attackers to execute arbitrary commands on victim hosts via user interaction with a crafted URL.
Recommendations
For Chamilo LMS version 1.11.14, update to a version that includes a fix for this issue, as no specific workaround is provided for this version.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Chamilo Lms