Chamilo LMS v1.11.14 exists to contain a zero click code injection vulnerability which allows malicious users to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
chamilo chamilo 1.11.14 |