A vulnerability was found in Chamilo LMS up to 1.11.20 and classified as critical. Affected by this issue is some unknown functionality of the file /main/webservices/additional_webservices.php of the component File Upload. The manipulation leads to path traversal.

This vulnerability is handled as CVE-2023-3533. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.