CVE-2023-4222
- Reference to the description:
- Description:
- Command injection in `main/lp/openoffice_text_document.class.php` in Chamilo LMS <= v1.11.24 allows users permitted to upload Learning Paths to obtain remote code execution via improper neutralisation of special characters.
- Last updated date:
- 11/30/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 11/30/2023
- Reference url to background