📄 Description (English)
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to insufficient sanitization of the page parameter in the session/add_users_to_session.php endpoint. This issue has been patched in version 1.11.30.
🤖 AI Executive Summary
Chamilo LMS versions prior to 1.11.30 contain a reflected XSS vulnerability in the session management endpoint that allows attackers to inject malicious scripts through the page parameter. While currently unpatched and without public exploits, this vulnerability poses a moderate risk to educational institutions and organizations using Chamilo for learning management. The vulnerability requires user interaction but could lead to session hijacking, credential theft, or malware distribution within educational environments.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: May 23, 2026 22:18
🇸🇦 Saudi Arabia Impact Assessment
Saudi educational institutions, universities, and government training centers using Chamilo LMS are at risk. The Ministry of Education, higher education institutions, and corporate training departments relying on Chamilo could experience compromised student/employee accounts, unauthorized access to learning materials, and potential data exfiltration of personal information. The vulnerability is particularly concerning for institutions managing sensitive educational records and assessments. Government agencies using Chamilo for employee training face risks of credential compromise and unauthorized access to training content.
🏢 Affected Saudi Sectors
Education
Government
Higher Education
Corporate Training
Public Administration
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
5.8
/ 10.0
🔧 Remediation Steps (English)
Immediate Actions:
1. Identify all Chamilo LMS instances in your environment and document their versions
2. Restrict access to the session/add_users_to_session.php endpoint using WAF rules or network controls
3. Implement input validation rules to block special characters in the page parameter
4. Enable security headers (CSP, X-XSS-Protection) at the web server level
Patching Guidance:
1. Upgrade to Chamilo version 1.11.30 or later when available
2. Monitor Chamilo's official repository for patch releases
3. Test patches in a staging environment before production deployment
Compensating Controls:
1. Deploy Web Application Firewall (WAF) rules to sanitize the page parameter
2. Implement Content Security Policy (CSP) headers to prevent inline script execution
3. Use URL encoding validation to reject malformed requests
4. Monitor session/add_users_to_session.php access logs for suspicious patterns
5. Implement multi-factor authentication for administrative accounts
Detection Rules:
1. Alert on requests to session/add_users_to_session.php containing script tags or encoded payloads
2. Monitor for unusual session creation patterns or rapid session additions
3. Log and alert on page parameter values containing HTML/JavaScript entities
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. حدد جميع مثيلات Chamilo LMS في بيئتك وقم بتوثيق إصداراتها
2. قيد الوصول إلى نقطة النهاية session/add_users_to_session.php باستخدام قواعد WAF أو عناصر التحكم في الشبكة
3. طبق قواعد التحقق من الإدخال لحظر الأحرف الخاصة في معامل الصفحة
4. فعّل رؤوس الأمان (CSP، X-XSS-Protection) على مستوى خادم الويب
إرشادات التصحيح:
1. قم بالترقية إلى إصدار Chamilo 1.11.30 أو أحدث عند توفره
2. راقب مستودع Chamilo الرسمي للإصدارات المصححة
3. اختبر التصحيحات في بيئة التجريب قبل نشرها في الإنتاج
عناصر التحكم البديلة:
1. نشر قواعد جدار حماية تطبيقات الويب (WAF) لتنظيف معامل الصفحة
2. تطبيق رؤوس سياسة أمان المحتوى (CSP) لمنع تنفيذ البرامج النصية المضمنة
3. استخدام التحقق من ترميز URL لرفض الطلبات المشوهة
4. مراقبة سجلات الوصول إلى session/add_users_to_session.php للأنماط المريبة
5. تطبيق المصادقة متعددة العوامل للحسابات الإدارية
قواعد الكشف:
1. تنبيهات على الطلبات إلى session/add_users_to_session.php التي تحتوي على علامات البرامج النصية أو الحمولات المشفرة
2. مراقبة أنماط إنشاء الجلسات غير العادية أو إضافة الجلسات السريعة
3. تسجيل والتنبيه على قيم معامل الصفحة التي تحتوي على كيانات HTML/JavaScript
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
A.14.2.1 - Secure development policy
A.14.2.5 - Secure development environment
A.14.3.1 - Testing of security functionality
A.14.3.2 - System change control
🔵 SAMA CSF
ID.SC-7 - Software, firmware, and information integrity checks
PR.DS-6 - Integrity checking mechanisms
DE.CM-4 - Malicious code detection
🟡 ISO 27001:2022
A.14.2.1 - Secure development policy and procedures
A.14.3.1 - Security requirements analysis and specification
A.14.3.2 - Secure development environment
A.8.3.2 - Restriction of access to information
📦 Affected Products / CPE 1 entries
chamilo:chamilo_lms