{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T21:18:51.451","vulnerabilities":[{"cve":{"id":"CVE-2025-52482","sourceIdentifier":"security-advisories@github.com","published":"2026-03-02T15:16:30.990","lastModified":"2026-03-03T19:13:35.437","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30."},{"lang":"es","value":"Chamilo es un sistema de gestión del aprendizaje. Antes de la versión 1.11.30, existe una vulnerabilidad de XSS Almacenado en la función de glosario, que permite a todos los usuarios con el rol de Profesor inyectar código JavaScript malicioso contra el administrador. Este problema ha sido parcheado en la versión 1.11.30."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.7,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:*:*:*:*:*:*:*:*","versionEndExcluding":"1.11.30","matchCriteriaId":"A3963F8D-F787-4A44-90A3-9F26F9E480AA"}]}]}],"references":[{"url":"https://github.com/chamilo/chamilo-lms/commit/241c569dde0ad0e34d558ae51271f70438189b0e","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/chamilo/chamilo-lms/commit/82cc07edd8ef316e6b36da7c501120d5c0aeb151","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/chamilo/chamilo-lms/commit/f9150075246df4ed9755a4a150e25edb468767be","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/chamilo/chamilo-lms/releases/tag/v1.11.30","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-4wcp-3rh3-7wm4","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]}]}}]}