CVE-2025-52482

Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.30

Description Chamilo is a learning management system. A Stored Cross-Site Scripting (XSS) issue exists within the glossary function. Users with the Teachers role can inject JavaScript malicious code, potentially impacting the administrator. The glossary function allows for the storage of terms and definitions, and the vulnerability arises from insufficient input validation or sanitization when handling user-provided content within this function.

Recommendations Update to version 1.11.30 or later.