Security Advisory

CVE-2025-26153

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-16 00:00:00

Last updated 2025-04-18 12:02:40

Assigner mitre

State PUBLISHED

Description

A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message.

← Browse all CVEs View on cve.org ↗