CVE-2023-3533

Published: Nov 28, 2023
Updated: Dec 6, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-3533" target="_blank" rel="noopener"> CVE-2023-3533
Severity: Critical
Exploit:

Path traversal in file upload functionality in /main/webservices/additional_webservices.php in Chamilo LMS <= v1.11.20 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via arbitrary file write.