Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing malicious users to escalate privileges to Platform Admin.
chamilo chamilo lms