GHSA-jfvr-vp65-vw72
GitHub Security Advisory
⚠ Unreviewed
HIGH
Has CVE
Advisory Details
Command injection in `main/lp/openoffice_presentation.class.php` in Chamilo LMS <= v1.11.24 allows users permitted to upload Learning Paths to obtain remote code execution via improper neutralisation of special characters.
Related CVEs
Key Information
7.5
/10
Dataset
Last updated: July 28, 2025 6:37 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.