Access Control Flaw in Chamilo Learning Management System

CVE-2024-30619

What is CVE-2024-30619?

Chamilo LMS Version 1.11.26 is insecure due to an Incorrect Access Control vulnerability. This issue enables unauthorized individuals to query sensitive information, such as the count of messages and the number of online users, through specific AJAX endpoints. Attackers can exploit this vulnerability without authentication, potentially compromising user privacy and system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References