CVE-2019-1000015

Severity Score

6.1

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Chamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php, main/ticket/ticket_details.php that can result in a message being sent to the Administrator with the XSS to steal cookies. A ticket can be created with a XSS payload in the subject field. This attack appears to be exploitable via <svg/onload=alert(1)> as the payload user on the Subject field. This makes it possible to obtain the cookies of all users that have permission to view the tickets. This vulnerability appears to have been fixed in 1.11.x after commit 33e2692a37b5b6340cf5bec1a84e541460983c03.

Chamilo Chamilo-lms, en versiones 1.11.8 y anteriores, contiene una vulnerabilidad Cross-Site Scripting (XSS) en main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php y main/ticket/ticket_details.php que puede resultar en el envío de un mensaje al administrador con el XSS para robar cookies. Se puede crear un ticket con una carga útil de XSS en el campo de asunto. Este ataque parece ser explotable mediante <svg/onload=alert(1)> como el usuario de la carga útil en el campo de asunto. Esto posibilita obtener las cookies de todos los usuarios que tienen permisos para visualizar los tickets. La vulnerabilidad parece haber sido solucionada en las versiones 1.11.x tras el commit con ID 33e2692a37b5b6340cf5bec1a84e541460983c03.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2019-01-16 CVE Reserved
2019-02-04 CVE Published
2024-08-05 CVE Updated
2024-12-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://github.com/chamilo/chamilo-lms/commit/33e2692a37b5b6340cf5bec1a84e541460983c03	2019-02-20

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Chamilo Search vendor "Chamilo"		Chamilo Lms Search vendor "Chamilo" for product "Chamilo Lms"				<= 1.11.8 Search vendor "Chamilo" for product "Chamilo Lms" and version " <= 1.11.8"		-		Affected