Server-Side Request Forgery in Chamilo LMS Affects Learning Management System
CVE-2026-31941

7.7HIGH

Key Information:

Vendor

Chamilo

Status
Chamilo-lms
Vendor
CVE Published:
10 April 2026

What is CVE-2026-31941?

Chamilo LMS is susceptible to a Server-Side Request Forgery (SSRF) due to its Social Wall feature. It accepts user input through the social_wall_new_msg_main POST parameter, allowing engineers to perform unauthorized HTTP requests to both internal and external URLs. This security flaw could enable authenticated attackers to access internal services, conduct port scans, and exploit cloud instance metadata. The vulnerability has been rectified in versions 1.11.38 and 2.0.0-RC.3.

Affected Version(s)

chamilo-lms < 1.11.38 < 1.11.38

chamilo-lms >= 2.0.0-alpha.1, < 2.0.0-RC.3 < 2.0.0-alpha.1, 2.0.0-RC.3

References

https://github.com/chamilo/chamilo-lms/security/advisorie...
x_refsource_CONFIRM
https://github.com/chamilo/chamilo-lms/commit/e3790c5f0ff...
x_refsource_MISC
https://github.com/chamilo/chamilo-lms/commit/ea6b7b7e905...
x_refsource_MISC

CVSS V3.1

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.