CVE-2025-26153

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-26153

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-26153.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-26153

Published

2025-04-16T21:15:46Z

Modified

2025-04-18T16:51:52.372530Z

Summary

[none]

Details

A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message.

References

Affected packages

Git / github.com/chamilo/chamilo-lms

Affected ranges

Type: GIT
Repo: https://github.com/chamilo/chamilo-lms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

beb07770d674fcc9db6df0e59aab107678c28682

Fixed

d5c29cf39ac30d7364a52bba4036c3e870412066

Affected versions

1.*

1.10.x.pre-doctrine

Other

CHAMILO_1_10_DEV_ICPNA_20130114

CHAMILO_1_8_6_2_BETA_1

CHAMILO_1_8_6_2_STABLE

CHAMILO_1_8_6_2_STABLE_BIS

CHAMILO_1_8_6_2_STABLE_CUATER

CHAMILO_1_8_6_2_STABLE_TRIS

CHAMILO_1_8_7_1_STABLE_1

CHAMILO_1_8_7_1_STABLE_2

CHAMILO_1_8_7_ALPHA_1

CHAMILO_1_8_7_ALPHA_2

CHAMILO_1_8_7_BETA_1

CHAMILO_1_8_7_RC2

CHAMILO_1_8_7_RC_1

CHAMILO_1_8_7_STABLE

CHAMILO_1_8_7_STABLE_BIS

CHAMILO_1_8_8_2_RC_1

CHAMILO_1_8_8_2_STABLE

CHAMILO_1_8_8_2_STABLE_2

CHAMILO_1_8_8_2_STABLE_3

CHAMILO_1_8_8_4_BETA_1

CHAMILO_1_8_8_4_STABLE

CHAMILO_1_8_8_ALPHA

CHAMILO_1_8_8_BETA_1

CHAMILO_1_8_8_BETA_2

CHAMILO_1_8_8_BETA_3

CHAMILO_1_8_8_STABLE_1

CHAMILO_1_9_0_ALPHA_1

CHAMILO_1_9_0_ALPHA_2

CHAMILO_1_9_0_ALPHA_3

CHAMILO_1_9_0_ALPHA_4

CHAMILO_1_9_0_ALPHA_5

CHAMILO_1_9_0_ALPHA_6

CHAMILO_1_9_0_ALPHA_7

CHAMILO_1_9_0_PRE_ALPHA

CHAMILO_1_9_0_RC_1

CHAMILO_1_9_0_STABLE

CHAMILO_1_9_0_STABLE_2

CHAMILO_1_9_0_STABLE_3

CHAMILO_1_9_2_STABLE

CHAMILO_1_9_2_STABLE_BIS

CHAMILO_1_9_2_STABLE_QUARTER

CHAMILO_1_9_2_STABLE_TRIS

CHAMILO_1_9_4_ALPHA_1

CHAMILO_1_9_4_RC_1

CHAMILO_1_9_4_STABLE

CHAMILO_1_9_6_RC_1

CHAMILO_1_9_6_RC_2

CHAMILO_1_9_6_STABLE

CHAMILO_1_8_8.*

CHAMILO_1_8_8.3_STABLE_4

v1.*

v1.10.6-softaculous

v1.10.6-stable

v1.11.10

v1.11.12

v1.11.12-beta.1

v1.11.14

v1.11.14-beta.1

v1.11.18

v1.11.20

v1.11.20-beta.1

v1.11.22

v1.11.22-beta.1

v1.11.22-beta.2

v1.11.24

v1.11.26

v1.11.26-rc.1

v1.11.28

v1.11.6

v1.11.6-alpha.1

v1.11.8

v1.8.6.1

v1.9.10

v1.9.10.2

v1.9.8

v1.9.8.1

v1.9.8.2