Description

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an Insecure Direct Object Reference (IDOR) vulnerability in the Learning Path progress saving endpoint. The file lp_ajax_save_item.php accepts a uid (user ID) parameter directly from $_REQUEST and uses it to load and modify another user's Learning Path progress — including score, status, completion, and time — without verifying that the requesting user matches the target user ID. Any authenticated user enrolled in a course can overwrite another user's Learning Path progress by simply changing the uid parameter in the request. This vulnerability is fixed in 1.11.38 and 2.0.0-RC.3.

INFO

Published Date :

2026-04-10T18:15:49.964Z

Last Modified :

2026-04-10T18:15:49.964Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-33702 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-33702.

URL Resource
https://github.com/chamilo/chamilo-lms/commit/6331d051b4468deb5830c01d1e047c5e5cf2c74f cve-icon cve-icon
https://github.com/chamilo/chamilo-lms/commit/bf3f6c6949b5c882b48a9914baa19910417e4551 cve-icon cve-icon
https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-3rv7-9fhx-j654 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact