Headline
CVE-2023-34944: Vendor: Require enshrined/svg-sanitize · chamilo/chamilo-lms@f6e8355
An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows attackers to execute arbitrary code via uploading a crafted SVG file.
Skip to content
Sign up
Actions
Automate any workflow
Packages
Host and manage packages
Security
Find and fix vulnerabilities
Codespaces
Instant dev environments
Copilot
Write better code with AI
Code review
Manage code changes
Issues
Plan and track work
Discussions
Collaborate outside of code
Explore
* All features
* Documentation
* GitHub Skills
* Blog
For
- Enterprise
- Teams
- Startups
- Education
By Solution
- CI/CD & Automation
- DevOps
- DevSecOps
Case Studies
- Customer Stories
- Resources
GitHub Sponsors
Fund open source developers
* The ReadME Project
GitHub community articles
Repositories
* Topics
* Trending
* Collections
Pricing
In this repository All GitHub
No suggested jump to results
In this repository All GitHub
In this organization All GitHub
In this repository All GitHub
Sign in
Sign up
chamilo / chamilo-lms Public
- Notifications
- Fork 441
- Star 685
- Code
- Issues 436
- Pull requests 27
- Actions
- Projects
- Wiki
- Security
- Insights
More
Commit
Permalink
Browse files
Browse the repository at this point in the history
Vendor: Require enshrined/svg-sanitize
- Loading branch information
AngelFQC committed
Jun 2, 2023
1 parent d0cc583 commit f6e8355
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions composer.json
Show comments View file
Expand Up
@@ -59,6 +59,7 @@
"doctrine/orm": "~2.5",
"emojione/emojione": "1.3.0",
"endroid/qr-code": "2.5.*",
"enshrined/svg-sanitize": "^0.16.0",
"essence/essence": "2.6.1",
"ezyang/htmlpurifier": "~4.9",
"facebook/php-sdk-v4": "~5.0",
Expand Down
0 comments on commit f6e8355
Please sign in to comment.