Unrated severityNVD Advisory· Published Mar 21, 2022· Updated Aug 4, 2024
CVE-2021-38745
CVE-2021-38745
Description
Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page.
Affected products
2- Chamilo LMS/Chamilo LMSdescription
- Range: = 1.11.14
Patches
Vulnerability mechanics
References
1- support.chamilo.org/projects/chamilo-18/wiki/Security_issuesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.