2023-06-08 00:00:00
mitre
PUBLISHED
Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the documents ID.