CVE-2025-55289
Stored XSS in Chamilo LMS Enables Full Account Takeover
Publication date: 2026-03-06
Last updated on: 2026-03-09
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| chamilo | chamilo_lms | to 1.11.34 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2025-55289 is a high-severity Stored Cross-Site Scripting (XSS) vulnerability in Chamilo LMS versions up to and including 1.11.32. It exists in the Skill management feature, specifically in the "argumentation" parameter, which does not properly sanitize user input.'}, {'type': 'paragraph', 'content': 'This flaw allows an attacker to inject arbitrary JavaScript code that is stored and later executed within the platformβs social network and internal messaging components when viewed by authenticated users, including administrators.'}] [1]
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to full account takeover through session hijacking, unauthorized actions performed with the victimβs privileges, exfiltration of sensitive data, and potential self-propagation to other users.
This severely compromises the confidentiality, integrity, and availability of the LMS environment.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'The vulnerability exists in the Skill management feature of Chamilo LMS, specifically in the "argumentation" parameter which fails to properly sanitize user input, allowing stored XSS attacks.'}, {'type': 'paragraph', 'content': 'To detect this vulnerability, you can attempt to inject a harmless JavaScript payload into the "argumentation" parameter within the Skill management feature and then observe if the payload executes when viewed by an authenticated user.'}, {'type': 'paragraph', 'content': 'Since this is a web application vulnerability, detection typically involves manual or automated testing of input fields for stored XSS. Tools like Burp Suite or OWASP ZAP can be used to automate such tests.'}, {'type': 'list_item', 'content': 'Use a web proxy tool (e.g., Burp Suite) to intercept and modify requests to the Skill management feature, injecting test scripts into the "argumentation" parameter.'}, {'type': 'list_item', 'content': 'Monitor the application behavior by logging in as an authenticated user and checking if the injected script executes in the social network or internal messaging components.'}, {'type': 'list_item', 'content': 'No specific command-line commands are provided in the resources for detection.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'The immediate and most effective mitigation step is to upgrade Chamilo LMS to version 1.11.34 or later, where this stored XSS vulnerability has been patched.'}, {'type': 'paragraph', 'content': 'Until the upgrade can be performed, consider restricting access to the Skill management feature to trusted users only, to reduce the risk of malicious input.'}, {'type': 'paragraph', 'content': 'Additionally, monitor user inputs and sanitize or filter the "argumentation" parameter manually if possible, to prevent injection of malicious scripts.'}, {'type': 'paragraph', 'content': 'Review and enhance web application firewall (WAF) rules to detect and block typical XSS payloads targeting the affected parameters.'}] [1]