Platform: php
Component: chamilo-lms
Fixed in: 1.11.39, 2.0.1
CVE-2026-31941 describes a Server-Side Request Forgery (SSRF) vulnerability in Chamilo LMS. The readurlwithopengraph endpoint, which the Social Wall uses to fetch a user-supplied URL on the server and build an Open Graph link preview from it, does not adequately restrict where that URL may point. An authenticated attacker can therefore make the Chamilo server issue HTTP requests to destinations of their choosing, including hosts that are reachable only from the server's own network. The flaw affects versions from 1.11.0 up to, but not including, 2.0.0-RC.3; fixed releases are 1.11.38 on the 1.11 branch and 2.0.0-RC.3 on the 2.0 branch.
Because the request originates from the Chamilo server, it carries that server's network position and whatever implicit trust is attached to it. An attacker can use the flaw to scan internal ports and map the network behind the LMS, to read cloud instance metadata services (for example the AWS endpoint at 169.254.169.254, which hands out temporary credentials for the instance's IAM role), and to interact with internal services that rely on network location rather than authentication. How much the attacker learns depends on how much of the fetched response the endpoint reflects back (an Open Graph reader typically returns title, description and image fields, so even partial reflection leaks data) and on whether open and closed ports can be told apart through response timing or error messages. Credentials or configuration recovered this way can then be turned into privilege escalation and compromise of the underlying infrastructure, well beyond the Chamilo installation itself.
CVE-2026-31941 was publicly disclosed on 2026-04-10. No active exploitation campaigns have been publicly reported, the vulnerability is not currently listed in the CISA KEV catalog, and no public proof-of-concept exploit was available at the time of writing. It is still treated as high-risk: exploiting an SSRF in a URL-fetching endpoint usually requires nothing more than an authenticated session and a crafted value for the URL parameter, so working exploits are likely to appear once the affected request is documented.
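Absence of public reports is not the same as absence of attempts against your own instance. The following is an added example, not Chamilo code or part of this advisory: it triages web-server access logs for requests to the link-preview endpoint whose URL parameter points at an internal, loopback or link-local target. It assumes the affected endpoint's request path contains the string readurlwithopengraph (the /ajax/... path in the constructed sample lines is a placeholder, not Chamilo's real route) and that the target URL travels in a query parameter; every URL-valued parameter is inspected, so the parameter name does not matter.

```python
"""Access-log triage for SSRF attempts against a link-preview endpoint.

Added example, not Chamilo code. Assumptions: the affected endpoint's request
path contains 'readurlwithopengraph' (the /ajax/... path in SAMPLE_LOG is a
placeholder, not Chamilo's real route) and the target URL travels in a query
parameter; every URL-valued parameter is inspected.
"""
import ipaddress
import re
from urllib.parse import parse_qsl, urlsplit

# Combined log format prefix: client, identity, user, [timestamp] "METHOD path proto" status
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def target_is_internal(host):
    """True when a server-side fetch to host would land inside the server's network.

    Covers literal loopback/private/link-local/metadata addresses (IPv4, IPv6 and
    IPv4-mapped IPv6), 'localhost', all-digit hosts such as 2130706433 (127.0.0.1
    in decimal to most resolvers), and single-label names that only resolve via
    the internal DNS search domain.
    """
    h = host.lower().strip("[]")
    if h == "localhost" or h.endswith(".localhost") or h.isdigit():
        return True
    try:
        return not ipaddress.ip_address(h).is_global
    except ValueError:
        return "." not in h


def suspicious_requests(log_lines):
    """Return (client, timestamp, target_url, status) for each request to the
    endpoint whose URL parameter uses a non-http(s) scheme or an internal host."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or "readurlwithopengraph" not in m["path"].lower():
            continue
        for _, value in parse_qsl(urlsplit(m["path"]).query, keep_blank_values=True):
            if "://" not in value:
                continue  # not a URL-valued parameter
            target = urlsplit(value)
            if target.scheme not in ("http", "https") or (
                target.hostname and target_is_internal(target.hostname)
            ):
                hits.append((m["client"], m["ts"], value, m["status"]))
    return hits


# Constructed sample lines (not from a real Chamilo deployment).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Apr/2026:12:00:01 +0000] "GET /ajax/readurlwithopengraph?url=https%3A%2F%2Fwww.example.org%2Farticle HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Apr/2026:12:00:09 +0000] "GET /ajax/readurlwithopengraph?url=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data%2F HTTP/1.1" 200 88',
    '203.0.113.7 - - [10/Apr/2026:12:00:15 +0000] "GET /ajax/readurlwithopengraph?url=http%3A%2F%2F127.0.0.1%3A6379%2F HTTP/1.1" 200 0',
    '198.51.100.2 - - [10/Apr/2026:12:01:00 +0000] "GET /ajax/readurlwithopengraph?url=http%3A%2F%2F2130706433%2F HTTP/1.1" 200 0',
    '198.51.100.2 - - [10/Apr/2026:12:01:30 +0000] "GET /index.php?url=http%3A%2F%2F10.0.0.5%2F HTTP/1.1" 200 12',
]

if __name__ == "__main__":
    for client, ts, target, status in suspicious_requests(SAMPLE_LOG):
        print(f"{ts} {client} -> {target} (HTTP {status})")
```

Run against the constructed sample, the scan flags the metadata probe, the loopback Redis probe and the decimal-IP spelling of 127.0.0.1, and ignores both the legitimate public preview and the request to an unrelated path. A hostname that resolves to an internal address cannot be recognised from the log text alone; for those, correlate with the server's outbound connection logs.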
Exploit Status
EPSS: 0.03% (8th percentile)
The primary mitigation for CVE-2026-31941 is to upgrade Chamilo LMS to version 1.11.38 or later (2.0.0-RC.3 or later on the 2.0 branch). If upgrading immediately is not feasible, reduce exposure in the meantime. Restrict outbound connections from the Chamilo server with host or network egress rules, or force them through a forward proxy, denying destinations in RFC 1918 space, 127.0.0.0/8, 169.254.0.0/16 (which includes the 169.254.169.254 metadata endpoint) and their IPv6 equivalents. A WAF in front of the application can additionally reject requests to the readurlwithopengraph endpoint whose URL parameter names such an address, but it only sees inbound traffic and so cannot replace egress control: a hostname that resolves to an internal address, or a public page that redirects to one, passes an inbound string check. Where your deployment permits, limit who can use the Social Wall link-preview feature until the upgrade is done. After upgrading, verify the fix by submitting controlled URLs, one pointing at a listener you operate and one pointing at an internal address, and confirming that the internal request is refused or sanitized and that, according to the server's outbound logs, nothing reaches the internal target.
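To make concrete what "validating user-provided URLs" has to mean for an Open Graph fetcher, here is an added example, not Chamilo's code and not the actual patch: a guard that rejects non-http(s) schemes, embedded credentials and unusual ports, resolves the hostname and refuses any address in a private, loopback, link-local or IPv4-mapped range, and repeats that check on every redirect hop. Function names, MAX_REDIRECTS and the fake DNS table used by the offline demo are this example's own choices.

```python
"""Outbound URL guard for a link-preview (Open Graph) fetcher.

Added example, not Chamilo code: it shows the validation a fixed
readurlwithopengraph-style handler needs, including re-validation of every
redirect hop. Names, MAX_REDIRECTS and the fake resolver are example choices.
"""
import ipaddress
import socket
import urllib.error
import urllib.request
from urllib.parse import urljoin, urlsplit

# Destinations a server-side fetcher must never reach. 169.254.169.254 (cloud
# metadata) sits inside the link-local block; ::ffff:0:0/96 catches IPv4-mapped
# IPv6 spellings of the same ranges, e.g. http://[::ffff:127.0.0.1]/.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "::ffff:0:0/96",
)]
MAX_REDIRECTS = 3


def ip_is_blocked(ip_str):
    ip = ipaddress.ip_address(ip_str.split("%")[0])  # drop an IPv6 scope id
    return any(ip in net for net in BLOCKED_NETWORKS)


def default_resolver(host):
    """Every A/AAAA record for host via the system resolver (tests inject a fake)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_outbound_url(url, resolver=default_resolver):
    """Return url if it is safe to fetch, otherwise raise ValueError.

    All resolved addresses are checked, not only the first: a name that pairs a
    public record with an internal one must still be refused.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("missing host")
    if parts.username or parts.password:
        raise ValueError("credentials in URL not allowed")
    if parts.port not in (None, 80, 443):
        raise ValueError(f"port not allowed: {parts.port}")
    try:
        addrs = [str(ipaddress.ip_address(parts.hostname))]  # literal address
    except ValueError:
        # Odd spellings such as http://2130706433/ are judged by what they resolve to.
        addrs = resolver(parts.hostname)
    if not addrs:
        raise ValueError(f"{parts.hostname!r} did not resolve")
    for addr in addrs:
        if ip_is_blocked(addr):
            raise ValueError(f"{parts.hostname!r} resolves to blocked address {addr}")
    return url


def is_safe_url(url, resolver=default_resolver):
    try:
        validate_outbound_url(url, resolver)
        return True
    except ValueError:
        return False


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # surface 3xx as HTTPError so the caller re-validates the target


def http_get_once(url, timeout=5):
    """One request with automatic redirects disabled: (status, Location or None, body)."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as resp:
            return resp.status, None, resp.read(1 << 16)
    except urllib.error.HTTPError as err:
        return err.code, err.headers.get("Location"), b""


def fetch_preview(url, resolver=default_resolver, get=http_get_once):
    """Fetch url for preview generation, validating the start URL and each redirect hop.

    Checking only the first URL is a classic SSRF bypass: a public page that
    302s to http://169.254.169.254/ would otherwise be fetched happily.
    """
    current = url
    for _ in range(MAX_REDIRECTS + 1):
        validate_outbound_url(current, resolver)
        status, location, body = get(current)
        if status in (301, 302, 303, 307, 308) and location:
            current = urljoin(current, location)  # Location may be relative
            continue
        return status, body
    raise ValueError("too many redirects")


if __name__ == "__main__":
    # Fake DNS so the demo runs offline; split.example mimics a name with one
    # public and one internal record.
    fake_dns = {"example.com": ["93.184.216.34"],
                "split.example": ["93.184.216.34", "10.0.0.5"]}
    resolve = lambda h: fake_dns.get(h, [])
    for u in ("http://example.com/", "http://split.example/", "file:///etc/passwd",
              "http://169.254.169.254/latest/meta-data/", "http://[::ffff:127.0.0.1]/"):
        print(f"{u:45} {'allowed' if is_safe_url(u, resolve) else 'blocked'}")
```

Two design points matter here. Resolution happens inside the check and the fetch then uses the same hostname, so a DNS-rebinding attacker still has a narrow window between the check and the connect; a production fetcher closes it by connecting to the vetted address directly and sending the hostname in the Host header, or by running the fetch through a proxy that enforces the same deny-list at connect time. And the egress rules recommended above remain the backstop: the guard protects this one endpoint, the firewall protects every endpoint nobody has audited yet.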
Update Chamilo LMS to version 1.11.38 or later on the 1.11 branch, or to 2.0.0-RC.3 or later on the 2.0 branch. The fix validates user-supplied URLs before the server fetches them. When testing the upgraded version, bear in mind that a robust check must judge the address the hostname resolves to rather than the hostname string alone, and must repeat that judgement for every redirect hop; a check that inspects only the initial URL is bypassed by a public page that redirects to an internal address.
CVE-2026-31941 is a Server-Side Request Forgery vulnerability in Chamilo LMS versions from 1.11.0 up to, but not including, 2.0.0-RC.3. It lets an authenticated attacker make the Chamilo server issue arbitrary HTTP requests, including to hosts on the server's internal network.
You are affected if you run any Chamilo LMS version from 1.11.0 up to, but not including, 2.0.0-RC.3. Upgrade to 1.11.38 or later (or 2.0.0-RC.3 or later on the 2.0 branch) to remove the risk.
Upgrade Chamilo LMS to version 1.11.38 or later. As a temporary workaround, block outbound connections from the Chamilo server to private, loopback and link-local address ranges with egress firewall rules or a forward proxy; a WAF alone cannot enforce this, because it sees only inbound requests.
No active exploitation campaigns have been publicly reported, but an SSRF in a URL-fetching endpoint needs only an authenticated session and a crafted URL parameter, so exploitation should be considered likely.
Refer to the official Chamilo LMS security advisories on their website for the latest information and updates.