CVE-2025-55208 - Chamilo LMS has Stored Cross Site Scripting on Social Networks Uploaded Files

CVE ID : CVE-2025-55208 Published : March 5, 2026, 9:16 p.m. | 27 minutes ago Description : Chamilo is a learning management system. Versions prior to 1.11.34 have a Stored XSS through insecure file uploads in `Social Networks`. Through it, a low-privilege user can execute arbitrary code in the admin user inbox, allowing takeover of the admin account. Version 1.11.34 fixes the issue. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...