
CVE-2025-52564: CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in chamilo chamilo-lms

Severity: Medium
Tags: Vulnerability, CVE-2025-52564, CWE-80
Published: Mon Mar 02 2026 (03/02/2026, 15:54:42 UTC)
Source: CVE Database V5
Vendor/Project: chamilo
Product: chamilo-lms

Description

Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML, such as underlined text, via a crafted URL. This issue has been patched in version 1.11.30.

AI-Powered Analysis

Last updated: 03/02/2026, 16:26:55 UTC

Technical Analysis

CVE-2025-52564 is a cross-site scripting (XSS) vulnerability classified under CWE-80 affecting the Chamilo learning management system (LMS) in versions prior to 1.11.30. The vulnerability stems from the 'open' parameter in the help.php script, which fails to properly neutralize or sanitize user-supplied input before rendering it in the web page. This improper input handling allows an attacker to inject arbitrary HTML tags, such as underlined text or potentially malicious scripts, by crafting a specially formed URL. The vulnerability is exploitable remotely without any authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The CVSS score of 6.9 (medium severity) reflects the moderate impact on confidentiality and integrity, with no direct impact on availability. Exploitation could lead to content spoofing, session hijacking, or redirection to malicious sites, undermining user trust and potentially exposing sensitive information. The issue was addressed and patched in Chamilo LMS version 1.11.30 by implementing proper input sanitization and output encoding to prevent injection of script-related HTML tags. No known exploits have been reported in the wild to date, but the vulnerability remains a concern for organizations running outdated versions of Chamilo LMS.
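The pattern described above, reduced to a small added example that is not Chamilo's code: a hypothetical `help.php`-style handler reads the `open` query parameter and interpolates it into the page. The topic names, template and URLs are constructed for the illustration; `render_vulnerable` shows the pre-1.11.30 behaviour the advisory describes (an encoded `<u>` in the URL becomes a live tag), and `render_hardened` / `render_strict` show the output-encoding fix, with an allow-list and defence-in-depth headers added on top.

```python
"""Added illustration of the CVE-2025-52564 pattern (unneutralized URL
parameter rendered into HTML) beside hardened variants.  This is NOT
Chamilo's help.php; the handler, topic names, template and headers are
hypothetical stand-ins constructed for the example."""
import html
from urllib.parse import parse_qs, urlsplit

# Hypothetical allow-list of help topics the page may open (constructed).
KNOWN_TOPICS = {"introduction", "course_tools", "gradebook"}

# Hypothetical template: the parameter lands in an attribute and in text.
TEMPLATE = '<div class="help"><a name="{open}"></a><h2>{open}</h2></div>'


def open_param(url: str) -> str:
    """Return the percent-decoded 'open' query parameter ('' if absent)."""
    return parse_qs(urlsplit(url).query).get("open", [""])[0]


def render_vulnerable(url: str) -> str:
    """Pre-fix behaviour: the raw parameter is interpolated into the markup,
    so any HTML tag it carries becomes part of the rendered page."""
    return TEMPLATE.format(open=open_param(url))


def render_hardened(url: str) -> str:
    """Fix pattern: output-encode the value so '<', '>', '&' and quotes become
    entities and can neither open a tag nor break out of the attribute."""
    return TEMPLATE.format(open=html.escape(open_param(url), quote=True))


def render_strict(url: str) -> str:
    """Belt and braces: validate against the allow-list first, fall back to a
    known topic for anything else, and still encode on output."""
    topic = open_param(url)
    if topic not in KNOWN_TOPICS:
        topic = "introduction"
    return TEMPLATE.format(open=html.escape(topic, quote=True))


def contains_live_tag(rendered: str, tag: str) -> bool:
    """True if the rendered page contains an actual <tag> element."""
    return f"<{tag}>" in rendered


def security_headers() -> dict:
    """Defence-in-depth response headers for the help page (assumed values)."""
    return {
        "Content-Security-Policy": "default-src 'self'; script-src 'self'; object-src 'none'",
        "X-Content-Type-Options": "nosniff",
    }


if __name__ == "__main__":
    crafted = "https://lms.example.test/main/help/help.php?open=%3Cu%3Ehello%3C/u%3E"
    print("vulnerable:", render_vulnerable(crafted))
    print("hardened:  ", render_hardened(crafted))
    print("strict:    ", render_strict(crafted))
```

The hardened variant alone is what the advisory says the 1.11.30 fix amounts to (proper output encoding); the allow-list in `render_strict` is an extra layer that is useful when the parameter only ever selects from a fixed set of pages.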

Potential Impact

The primary impact of CVE-2025-52564 is on the confidentiality and integrity of users interacting with vulnerable Chamilo LMS instances. Successful exploitation can allow attackers to inject arbitrary HTML content, potentially including malicious scripts, which can be used for phishing, session hijacking, or delivering malware. This undermines user trust and can lead to unauthorized access to user accounts or sensitive educational data. Since the vulnerability does not require authentication or user interaction, it can be exploited by remote attackers with minimal effort. Although availability is not directly affected, the reputational damage and potential data breaches can have significant operational and compliance consequences for educational institutions and organizations using Chamilo LMS. The scope is limited to Chamilo LMS deployments running versions prior to 1.11.30, but given the widespread use of Chamilo in education sectors worldwide, the potential impact is notable.

Mitigation Recommendations

Organizations should immediately upgrade Chamilo LMS to version 1.11.30 or later, where the vulnerability is patched. In addition to patching, implement strict input validation and output encoding on all user-supplied data, especially URL parameters like 'open' in help.php, to prevent injection of HTML or script tags. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts and reduce the impact of potential XSS attacks. Regularly audit and monitor web application logs for suspicious URL patterns that may indicate exploitation attempts. Educate users and administrators about the risks of clicking on untrusted links and encourage the use of security awareness training. Finally, consider deploying web application firewalls (WAFs) configured to detect and block XSS attack vectors targeting Chamilo LMS.
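As an added example of the log-monitoring recommendation above (not part of the advisory or of Chamilo), the script below scans combined-format access log lines for requests to `help.php` whose `open` parameter carries HTML tag delimiters, decoding repeatedly so double-encoded values are not missed. The log lines are constructed for the example; the IP addresses, paths and user agents are placeholders.

```python
"""Added detection example: flag help.php requests whose 'open' parameter
contains HTML tag delimiters.  Sample log lines are constructed; the log
format is the common Apache/nginx 'combined' layout."""
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Constructed sample access log (documentation addresses, placeholder paths).
SAMPLE_LOG = """\
203.0.113.10 - - [02/Mar/2026:15:54:42 +0000] "GET /main/help/help.php?open=course_tools HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.11 - - [02/Mar/2026:15:55:01 +0000] "GET /main/help/help.php?open=%3Cu%3Etest%3C%2Fu%3E HTTP/1.1" 200 5133 "-" "curl/8.0"
203.0.113.12 - - [02/Mar/2026:15:55:30 +0000] "GET /main/inc/lib/javascript/app.js HTTP/1.1" 200 77 "-" "Mozilla/5.0"
203.0.113.13 - - [02/Mar/2026:15:56:10 +0000] "GET /main/help/help.php?open=%253Cu%253E HTTP/1.1" 200 5100 "-" "Mozilla/5.0"
"""

# Combined log format: client, ident, user, [timestamp], "METHOD target proto", status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Characters that open or close an HTML tag once the value is decoded.
TAG_DELIMS = re.compile(r"[<>]")


def decode_fully(value: str, rounds: int = 3) -> str:
    """URL-decode repeatedly (bounded) so double-encoded '%253C' is caught."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_open_values(log_text: str) -> list:
    """Return (client_ip, timestamp, decoded_open_value) for every help.php
    request whose 'open' parameter contains a tag delimiter."""
    hits = []
    for line in log_text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue
        target = urlsplit(match["target"])
        if not target.path.endswith("/help.php"):
            continue
        # parse_qs performs one round of decoding; decode_fully handles the rest.
        for raw in parse_qs(target.query, keep_blank_values=True).get("open", []):
            value = decode_fully(raw)
            if TAG_DELIMS.search(value):
                hits.append((match["ip"], match["ts"], value))
    return hits


if __name__ == "__main__":
    for ip, ts, value in suspicious_open_values(SAMPLE_LOG):
        print(f"{ts} {ip} help.php open={value!r}")
```

On a patched 1.11.30 instance these requests are harmless, but a run of them from one client is still worth a look, since the same source may be probing other parameters; feed the hits into whatever alerting the SOC already uses rather than printing them.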


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2025-06-18T03:55:52.035Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 69a5b69f32ffcdb8a2520668

Added to database: 3/2/2026, 4:11:11 PM

Last enriched: 3/2/2026, 4:26:55 PM

Last updated: 3/2/2026, 11:04:47 PM
