CVE-2026-32932
MEDIUM
Chamilo LMS Session Course Edit page - Open Redirect
Title source: manual
Description
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vulnerability in the session course edit page allows an attacker to redirect an authenticated administrator to an arbitrary external URL after saving coach assignment changes. The redirect also leaks the id_session parameter to the attacker's server. This vulnerability is fixed in 1.11.38 and 2.0.0-RC.3.
References (3)
x_refsource_confirm
https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-q2cp-3qj3-wx8q
x_refsource_misc
https://github.com/chamilo/chamilo-lms/commit/b005b3d3e76cf6eafc03e15ac445ceff089551c0
x_refsource_misc
https://github.com/chamilo/chamilo-lms/commit/fbd8d7eb37d05ec974293f05b6ffaaf9102ebd2b
Scores
CVSS v3
4.7
EPSS
0.0018
EPSS Percentile
7.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-601
Status
published
Products (4)
chamilo/chamilo-lms
< 1.11.38
chamilo/chamilo-lms
>= 2.0.0-alpha.1, < 2.0.0-RC.3
chamilo/chamilo_lms
2.0.0 alpha1 (10 CPE variants)
chamilo/chamilo_lms
< 1.11.38
Published
Apr 10, 2026
Tracked Since
Apr 11, 2026