{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-32930/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.1,"id":"CVE-2026-32930"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["idor","chamilo","lms","cve-2026-32930"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eChamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability, identified as CVE-2026-32930. This flaw exists in the gradebook evaluation edit page. An authenticated teacher can exploit this vulnerability to view and modify the settings (name, max score, weight) of evaluations belonging to other courses. This is achieved by manipulating the \u003ccode\u003eediteval\u003c/code\u003e GET parameter. Successful exploitation allows unauthorized modification of gradebook settings, potentially affecting student grades and overall course integrity. The vulnerability was patched in versions 1.11.38 and 2.0.0-RC.3. This affects any Chamilo LMS instance running a vulnerable version accessible to authenticated users.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker authenticates to Chamilo LMS as a teacher.\u003c/li\u003e\n\u003cli\u003eThe attacker navigates to the gradebook section of a course they have access to.\u003c/li\u003e\n\u003cli\u003eThe attacker identifies the URL used to edit an evaluation, noting the \u003ccode\u003eediteval\u003c/code\u003e parameter and its associated value.\u003c/li\u003e\n\u003cli\u003eThe attacker modifies the \u003ccode\u003eediteval\u003c/code\u003e parameter value to reference an evaluation ID from a different course.\u003c/li\u003e\n\u003cli\u003eThe attacker submits the modified request to the Chamilo LMS server.\u003c/li\u003e\n\u003cli\u003eThe server, due to the IDOR vulnerability, processes the request without proper authorization checks.\u003c/li\u003e\n\u003cli\u003eThe attacker is able to view and modify the settings (name, max score, weight) of the evaluation belonging to the other course.\u003c/li\u003e\n\u003cli\u003eThe attacker saves the changes, which are then reflected in the gradebook of the targeted course.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation of CVE-2026-32930 can lead to unauthorized modification of gradebook evaluation settings. This could result in inaccurate grades, unfair assessment of students, and overall compromise of the learning environment\u0026rsquo;s integrity. Given that Chamilo LMS is used by educational institutions worldwide, a successful attack could affect a large number of students and teachers. The unauthorized changes could disrupt the educational process and erode trust in the system.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Chamilo LMS to version 1.11.38 or 2.0.0-RC.3 or later to patch CVE-2026-32930, as indicated in the overview.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Chamilo Gradebook Edit Request\u003c/code\u003e to identify attempts to exploit this IDOR vulnerability by monitoring for suspicious \u003ccode\u003eediteval\u003c/code\u003e parameter modifications.\u003c/li\u003e\n\u003cli\u003eReview web server logs for requests containing the \u003ccode\u003eediteval\u003c/code\u003e parameter where the associated value appears out of sequence with the user\u0026rsquo;s course access, related to the Sigma rule.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-10T18:16:42Z","date_published":"2026-04-10T18:16:42Z","id":"/briefs/2026-04-chamilo-idor/","summary":"An Insecure Direct Object Reference (IDOR) vulnerability in Chamilo LMS (CVE-2026-32930) allows authenticated teachers to modify gradebook evaluation settings of other courses by manipulating the 'editeval' GET parameter, leading to unauthorized data modification.","title":"Chamilo LMS Insecure Direct Object Reference Vulnerability (CVE-2026-32930)","url":"https://feed.craftedsignal.io/briefs/2026-04-chamilo-idor/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-32930","version":"https://jsonfeed.org/version/1.1"}