Skip to main content
CVE-2023-37064 MEDIUM PATCH This Month

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Chamilo
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-37063 MEDIUM PATCH This Month

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Chamilo
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-37062 MEDIUM PATCH This Month

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Chamilo
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-37061 MEDIUM PATCH This Month

Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Chamilo
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-20180 MEDIUM This Month

A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Webex Meetings
NVD
CVSS 3.1
4.3
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy