Unrated severityOSV Advisory· Published Dec 21, 2018· Updated Aug 5, 2024
CVE-2018-20328
CVE-2018-20328
Description
Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2CHAMILO_1_8_7_ALPHA_1, CHAMILO_1_8_7_ALPHA_2, CHAMILO_1_8_7_RC2, …+ 1 more
- (no CPE)range: CHAMILO_1_8_7_ALPHA_1, CHAMILO_1_8_7_ALPHA_2, CHAMILO_1_8_7_RC2, …
- (no CPE)range: =1.11.8
Patches
Vulnerability mechanics
References
2- github.com/chamilo/chamilo-lms/commit/5e61c2b0fcc938ca687b8d4e593b1500aa52a034mitrex_refsource_MISC
- support.chamilo.org/projects/1/wiki/Security_issuesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.