Unrated severityNVD Advisory· Published Feb 8, 2020· Updated Aug 6, 2024
CVE-2012-4029
CVE-2012-4029
Description
Cross-site scripting (XSS) vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.6 allows remote attackers to inject arbitrary web script or HTML via the category_name parameter in an addsentcategory action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Chamilo/LMSdescription
- Range: <1.8.8.6
Patches
Vulnerability mechanics
References
3- support.chamilo.org/attachments/download/2863/chamilo-1.8.8.4-to-1.8.8.6.patchmitrex_refsource_MISC
- packetstormsecurity.com/files/115927/Chamilo-1.8.8.4-XSS-File-Deletion.htmlmitrex_refsource_MISC
- support.chamilo.org/projects/chamilo-18/wiki/Security_issuesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.