CVE-2023-37062: Chamilo LMS 1.11.x up to 1.11.20 Cross-Site Scripting (XSS) Vulnerability through Course Categories

A newly discovered vulnerability, identified as CVE-2023-37062, was found in the popular e-learning platform Chamilo LMS versions 1.11.x up to 1.11.20. This security flaw lets malicious attackers exploit Cross-Site Scripting (XSS) attacks on the platform via the course categories' definition. The exploit only affects users with administrative privileges, but it is still considered a significant concern since it can lead to unauthorized access and control over sensitive data.

Exploit Details

The vulnerability is present in the course categories feature, which allows users with administrative privileges to create, edit, and manage the categories. It can be exploited through the insertion of malicious JavaScript code into the category name or description. The XSS payload is then executed when a user with administrative privileges views the categories listing.

Here is a simple example of an XSS payload that could be used to demonstrate this vulnerability

<script>alert('XSS');</script>

When an admin includes this payload as the name or description of a course category, it will then be executed for all users with admin privileges who view the course categories list.

Log in to the Chamilo LMS platform as a user with administrative privileges.

2. Navigate to the course categories management page (/main/admin/course_category.php).

Create a new course category or edit an existing one.

4. Insert the XSS payload (e.g., <script>alert('XSS');</script>) into the "Category name" or "Description" field.

Click "Add" or "Update" to save the changes.

6. Go back to the course categories management page. The XSS payload will now be executed for any user with administrative privileges who visits the page.

References

- Official CVE Details (CVE-2023-37062)
- Chamilo LMS Official Website

Mitigation

As of now, there are no official patches available to fix this vulnerability. Until a patch is released, users can take the following steps to minimize the risk:

Conclusion

The CVE-2023-37062 vulnerability in Chamilo LMS 1.11.x up to 1.11.20 highlights the importance of regularly updating web applications and ensuring a secure environment for users. By understanding the risks associated with XSS attacks, administrators can better protect their systems and user data. Keep an eye out for updates to Chamilo LMS, as they will likely release a patch soon to address this security concern.

Timeline

Published on: 07/07/2023 17:15:00 UTC
Last modified on: 07/12/2023 20:50:00 UTC