CVE-2026-33736: CWE-639: Authorization Bypass Through User-Controlled Key in chamilo chamilo-lms
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user (including ROLE_STUDENT) can enumerate all platform users and access personal information (email, phone, roles) via GET /api/users, including administrator accounts. This vulnerability is fixed in 2.0.0-RC.3.
AI Analysis
Technical Summary
CVE-2026-33736 is an authorization bypass vulnerability in chamilo-lms prior to version 2.0.0-RC.3. It allows any authenticated user, including those with limited privileges (e.g., students), to enumerate all users on the platform and retrieve sensitive personal information such as email addresses, phone numbers, and user roles by accessing the GET /api/users endpoint. This exposure includes administrator accounts. The vulnerability is categorized under CWE-639 (Authorization Bypass Through User-Controlled Key). The issue was resolved in version 2.0.0-RC.3.
Potential Impact
The vulnerability allows unauthorized disclosure of personal information of all platform users, including administrators. This could lead to privacy violations and potentially facilitate further targeted attacks due to exposure of user contact details and roles. There is no impact on system integrity or availability reported.
Mitigation Recommendations
Upgrade chamilo-lms to version 2.0.0-RC.3 or later, where this vulnerability is fixed. Since the vendor advisory indicates the issue is resolved starting from this version, applying this update fully mitigates the risk. Patch status is not explicitly stated beyond the fixed version; therefore, confirm with the vendor advisory before deployment.
CVE-2026-33736: CWE-639: Authorization Bypass Through User-Controlled Key in chamilo chamilo-lms
Description
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user (including ROLE_STUDENT) can enumerate all platform users and access personal information (email, phone, roles) via GET /api/users, including administrator accounts. This vulnerability is fixed in 2.0.0-RC.3.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-33736 is an authorization bypass vulnerability in chamilo-lms prior to version 2.0.0-RC.3. It allows any authenticated user, including those with limited privileges (e.g., students), to enumerate all users on the platform and retrieve sensitive personal information such as email addresses, phone numbers, and user roles by accessing the GET /api/users endpoint. This exposure includes administrator accounts. The vulnerability is categorized under CWE-639 (Authorization Bypass Through User-Controlled Key). The issue was resolved in version 2.0.0-RC.3.
Potential Impact
The vulnerability allows unauthorized disclosure of personal information of all platform users, including administrators. This could lead to privacy violations and potentially facilitate further targeted attacks due to exposure of user contact details and roles. There is no impact on system integrity or availability reported.
Mitigation Recommendations
Upgrade chamilo-lms to version 2.0.0-RC.3 or later, where this vulnerability is fixed. Since the vendor advisory indicates the issue is resolved starting from this version, applying this update fully mitigates the risk. Patch status is not explicitly stated beyond the fixed version; therefore, confirm with the vendor advisory before deployment.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-23T17:34:57.561Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d94d8f1cc7ad14dae0faf5
Added to database: 4/10/2026, 7:20:47 PM
Last enriched: 4/18/2026, 2:27:25 PM
Last updated: 5/25/2026, 1:56:48 PM
Views: 54
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.