Lucene search

PRIOn knowledge basePRION:CVE-2023-34959

HistoryJun 08, 2023 - 7:15 p.m.

Server side request forgery (ssrf)

2023-06-0819:15:00

PRIOn knowledge base

www.prio-n.com

server-side request forgery

chamilo v1.11.18

information disclosure

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON

An issue in Chamilo v1.11.* up to v1.11.18 allows attackers to execute a Server-Side Request Forgery (SSRF) and obtain information on the services running on the server via crafted requests in the social and links tools.

CPENameOperatorVersion
chamilo_lmsge1.11.0
chamilo_lmsle1.11.18

CPE	Name	Operator	Version
	chamilo_lms	ge	1.11.0
	chamilo_lms	le	1.11.18

References

github.com/chamilo/chamilo-lms/commit/cc278f01864948b1fb160e03f0a3dc0875d5f81f

github.com/chamilo/chamilo-lms/commit/ea5791ff8ce6ea45148a171b0da5348a7c415e6f

github.com/chamilo/chamilo-lms/commit/ed946908fef23e8aa4cefc28f745f3cd6710099f

support.chamilo.org/projects/1/wiki/Security_issues