CVE-2026-33703 | Chamilo LMS up to 2.0.0-RC.2 personal-data userId authorization

Inserito da Angelo Barbosa | Apr 10, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Chamilo LMS up to 2.0.0-RC.2. Affected by this vulnerability is an unknown functionality of the file /social-network/personal-data/. This manipulation of the argument userId causes authorization bypass.

This vulnerability is tracked as CVE-2026-33703. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2026-33703 | Chamilo LMS up to 2.0.0-RC.2 personal-data userId authorization

Post correlati

CVE-2025-7464 | osrg GoBGP up to 3.37.0 pkg/packet/rtr/rtr.go SplitRTR out-of-bounds

CVE-2024-26483 | Kirby CMS 4.1.0 Profile Image Module unrestricted upload

CVE-2024-45306 | vim up to 9.1.0697 heap-based overflow

CVE-2025-13764 | WP CarDealer Plugin up to 1.2.16 on WordPress process_register Remote Code Execution