Lucene search

K

GoogleOSV:CVE-2020-23127

HistoryMay 06, 2021 - 1:15 p.m.

CVE-2020-23127

2021-05-0613:15:09

Google

osv.dev

2

chamilo

lms

csrf

vulnerability

edit_user

admin

user

software

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

46.9%

Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user.

References

support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-41-2020-04-22-Medium-risk-high-impact-CSRF-and-privilege-escalation-via-CSRF

toandak.blogspot.com/2020/05/csrf-vulnerbility-in-chamilo-lms.html

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

46.9%

Related for OSV:CVE-2020-23127

cvelist1 nvd1 cve1 prion1