← Back to CVE List

CVE-2023-4222

Published: 2023-11-28T08:15Z
Last Modified: 2024-11-21T08:34Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Command injection in `main/lp/openoffice_text_document.class.php` in Chamilo LMS <= v1.11.24 allows users permitted to upload Learning Paths to obtain remote code execution via improper neutralisation of special characters. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt