← Back to CVE List
CVE-2023-34958
Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt