CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-27524

Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the new_ticket.php component.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 48.2%

CVSS Severity

CVSS v3 Score 7.1

References

https://github.com/chamilo/chamilo-lms/commit/53275c152275958b33a1f87a21843daa52fb543a
https://www.less-secure.com/2024/10/chamilo-lms-cve-2024-27524-cve-2024.html

Products affected by CVE-2024-27524

Chamilo » Chamilo Lms » Version: 1.11.26

cpe:2.3:a:chamilo:chamilo_lms:1.11.26

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-27524

Products

Pricing

Contact Us