A vulnerability classified as critical has been found in Chamilo LMS up to 1.11.24. This affects an unknown part of the file /main/inc/ajax/document.ajax.php. The manipulation leads to unrestricted upload.
This vulnerability is uniquely identified as CVE-2023-4223. It is possible to initiate the attack remotely. There is no exploit available.