CVE-2020-23128

Published: 2021-05-06T13:15Z

Last Modified: 2024-11-21T05:13Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt