Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

📄 Chamillo LMS 1.11.2 Missing Cache Header

🗓️ 19 Jan 2026 00:00:00Reported by Rivek Raj TamangType 
packetstorm
 packetstorm🔗 packetstorm.news👁 169 Views

Chamilo LMS 1.11.2 exposes user data after logout due to missing cache headers, enabling back-button access

Related
Code
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2025-69581
16 Jan 202600:00
attackerkb
Circl		CVE-2025-69581
16 Jan 202623:02
circl
CNNVD		Chamilo LMS security vulnerabilities
16 Jan 202600:00
cnnvd
CVE		CVE-2025-69581
16 Jan 202600:00
cve
Cvelist		CVE-2025-69581
16 Jan 202600:00
cvelist
EUVD		EUVD-2026-2873
16 Jan 202600:00
euvd
NVD		CVE-2025-69581
16 Jan 202620:15
nvd
OSV		CVE-2025-69581
16 Jan 202620:15
osv
Positive Technologies		PT-2026-3305
16 Jan 202600:00
ptsecurity
RedhatCVE		CVE-2025-69581
17 Jan 202603:22
redhatcve
Rows per page
# CVE-2025-69581
    
     An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to view confidential information. This leads to profiling, impersonation, targeted attacks, and significant privacy risks. Discovered by - Rivek Raj Tamang (RivuDon), Sikkim, India.
    
    <img width="389" height="129" alt="image" src="https://github.com/user-attachments/assets/339dcc08-7c09-4024-9802-84703aa7893a" />
    
    **Affected Product: Chamilo LMS**
    * Affected Version: 1.11.2
    * **Discovered by: Rivek Raj Tamang (RivuDon), Sikkim, India**
    
    ## Vulnerability Details
    Information Disclosure
    
    # Summary
    The vulnerability allows unauthorized access to sensitive user information in Overhang.IO Tutor (tutor-open-edx) version 20.0.2 due to improper client-side session handling and missing cache-control headers. After logging out, user-specific PII remains accessible simply by pressing the browser’s back button, exposing sensitive account details without reauthentication. This flaw constitutes an Information Disclosure vulnerability and poses a risk to user privacy and session integrity.
    
    ## Steps to Reproduce
    1. Have a valid account
    2. Log in to the account
    3. Go to Social Network > Personal Data 
    4. Click on user_info
    5. Note all the Sensitive PII Information
    6. Now simply click on logout and wait for the page to log out
    7. Now click on the browser back button Note all the PII Being disclosed clearly without any proper cache control
    
    # Acknowledgement 
    
    This vulnerability was discovered and responsibly reported by:
    
    **Rivek Raj Tamang (RivuDon) from Sikkim, India** 
    
    https://www.linkedin.com/in/rivektamang/
    
    https://rivudon.medium.com/

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
19 Jan 2026 00:00Current
5.4Medium risk
Vulners AI Score5.4
CVSS 3.15.5
EPSS0.00213
SSVC
Chamilo LMSInformation disclosureMissing cache headersLogout data exposureBack button access
169