CVE-2026-31941

EPSS 0.23%
Veröffentlicht 10.04.2026 17:37:50
Zuletzt bearbeitet 17.04.2026 21:31:11
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Server-Side Request Forgery (SSRF) in Chamilo LMS

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains a Server-Side Request Forgery (SSRF) vulnerability in the Social Wall feature. The endpoint read_url_with_open_graph accepts a URL from the user via the social_wall_new_msg_main POST parameter and performs two server-side HTTP requests to that URL without validating whether the target is an internal or external resource. This allows an authenticated attacker to force the server to make arbitrary HTTP requests to internal services, scan internal ports, and access cloud instance metadata. This vulnerability is fixed in 1.11.38 and 2.0.0-RC.3.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 11 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Chamilo ≫ Chamilo Lms Version < 1.11.38

Chamilo ≫ Chamilo Lms Version2.0.0 Updatealpha1

Chamilo ≫ Chamilo Lms Version2.0.0 Updatealpha2

Chamilo ≫ Chamilo Lms Version2.0.0 Updatealpha3

Chamilo ≫ Chamilo Lms Version2.0.0 Updatealpha4

Chamilo ≫ Chamilo Lms Version2.0.0 Updatealpha5

Chamilo ≫ Chamilo Lms Version2.0.0 Updatebeta1

Chamilo ≫ Chamilo Lms Version2.0.0 Updatebeta2

Chamilo ≫ Chamilo Lms Version2.0.0 Updatebeta3

Chamilo ≫ Chamilo Lms Version2.0.0 Updaterc1

Chamilo ≫ Chamilo Lms Version2.0.0 Updaterc2

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.136

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
security-advisories@github.com	7.7	3.1	4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-q74c-mx8x-489h

Vendor Advisory

https://github.com/chamilo/chamilo-lms/commit/e3790c5f0ff3b4dc547c2099fadf5c438c1bb265

Patch

https://github.com/chamilo/chamilo-lms/commit/ea6b7b7e90580c9b01dc4bcafe4ad737061e0ead

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-31941

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-31941

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-31941

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-31941