CVE-2024-30617

A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php," allows attackers to initiate a request that posts a fake post onto the user's social wall without their consent or knowledge.

Published: Nov 4, 2024
Updated: May 4, 2025
CVE: CVE-2024-30617
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
chamilo / chamilo_lms	1.11.26	1.11.26.x

https://github.com/bahadoumi/Vulnerability-Research/tree/main/CVE-2024-30617
https://github.com/chamilo/chamilo-lms/commit/7a0e10cccc92eadae9403925f995b0a8d2d1305e

Vulnerability Database

289,689

CVE-2024-30617