| Field | Value |
|---|---|
| Title | Chamilo LMS <= v2.0.0 Beta 1 SocialController IDOR - Legal Consent Data Manipulat |
| Description | Multiple endpoints in Chamilo LMS 2.x `SocialController.php` are vulnerable to Insecure Direct Object Reference (IDOR) attacks. An authenticated attacker can manipulate the `userId` parameter in POST requests to perform unauthorized operations on other users' legal consent and privacy-related data. The vulnerability exists because these endpoints read the `userId` from the request body without validating that the authenticated user has permission to operate on that user's data. |
| Source | ⚠️ https://note-hxlab.wetolink.com/share/w92t1Q0a74Gj |
| User | angelkate (UID 94159) |
| Submission | 01/05/2026 08:14 (5 months ago) |
| Moderation | 01/17/2026 09:37 (12 days later) |
| Status | Accepted |
| VulDB entry | 341698 [Chamilo LMS up to 2.0.0 Beta 1 Legal Consent SocialController.php deleteLegal userId improper authorization] |
| Points | 20 |