CVE-2024-30618

6.1 MEDIUM

📋 TL;DR

A stored cross-site scripting vulnerability in Chamilo LMS allows attackers to inject malicious JavaScript into group discussion topics. When users view these topics, the script executes in their browsers, potentially stealing session cookies or performing actions on their behalf. This affects all users of vulnerable Chamilo LMS installations.

💻 Affected Systems

Products:
  • Chamilo LMS
Versions: 1.11.26 and earlier
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires attacker to have group discussion posting privileges, which could be obtained through legitimate user accounts or account compromise.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal administrator session cookies, take over administrative accounts, manipulate course content, or redirect users to malicious sites.

🟠 Likely Case

Attackers steal user session cookies to impersonate legitimate users, potentially accessing sensitive course materials or personal information.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts would be rendered harmless as text rather than executed.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires authenticated access to post in group topics. Public proof-of-concept demonstrates the vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 3b98682199049ebfb170ace16ada9a7c8e9a6622

Vendor Advisory: https://github.com/chamilo/chamilo-lms/commit/3b98682199049ebfb170ace16ada9a7c8e9a6622

Restart Required: No

Instructions:

1. Update to the latest Chamilo LMS version.
2. Apply the specific commit that fixes the vulnerability.
3. Verify the fix by testing the group_topics.php functionality.

🔧 Temporary Workarounds

Input Validation Filter (platform: all)

Implement server-side input validation to sanitize the 'content' parameter before processing.

Modify group_topics.php to include HTML entity encoding for user input

Content Security Policy (platform: all)

Implement a strict Content Security Policy header to prevent inline script execution.

Add header: Content-Security-Policy: script-src 'self'

🧯 If You Can't Patch

  • Disable group discussion functionality temporarily
  • Implement web application firewall rules to block XSS payloads in the content parameter

🔍 How to Verify

Check if Vulnerable:

Test by posting a simple XSS payload like <script>alert('test')</script> in group topic content and check if it executes when viewed.

Check Version:

Check Chamilo version in admin panel or review source code for commit hash 3b98682199049ebfb170ace16ada9a7c8e9a6622

Verify Fix Applied:

After patching, attempt the same XSS payload and verify it's displayed as plain text rather than executed.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to group_topics.php with script tags or JavaScript in content parameter
  • Multiple failed login attempts followed by group topic creation

Network Indicators:

  • HTTP requests containing JavaScript payloads in POST data to group_topics.php

SIEM Query:

source="web_logs" AND uri="*group_topics.php*" AND (content="*<script>*" OR content="*javascript:*")
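
The query above matches literal substrings, but a form-encoded POST body is usually logged percent-encoded, so the markers have to be matched after decoding. The following is an added example (not Chamilo code and not part of the original advisory) that applies the same two markers to the decoded `content` field; the `/lms/` path, the record layout and the sample requests are constructed assumptions, and it goes slightly beyond the query by also undoing nested encoding and HTML entities.

```python
import html
import re
from urllib.parse import parse_qs, unquote_plus

# The two markers used by the SIEM query on this page.
MARKERS = {
    "script_tag": re.compile(r"<\s*script\b", re.I),
    "javascript_uri": re.compile(r"javascript\s*:", re.I),
}

def normalize(value, max_rounds=3):
    """Undo nested URL encoding and HTML entities so markers match literally."""
    for _ in range(max_rounds):
        decoded = html.unescape(unquote_plus(value))
        if decoded == value:
            break
        value = decoded
    return value

def scan_request(method, uri, body):
    """Return sorted marker names found in the 'content' field, or []."""
    if method.upper() != "POST" or "group_topics.php" not in uri:
        return []
    hits = set()
    # parse_qs performs the first round of percent-decoding itself.
    for raw in parse_qs(body, keep_blank_values=True).get("content", []):
        text = normalize(raw)
        hits.update(name for name, rx in MARKERS.items() if rx.search(text))
    return sorted(hits)

# Constructed sample records (method, uri, form-encoded body); not real logs.
SAMPLES = [
    ("POST", "/lms/group_topics.php", "title=Week+1&content=Notes+for+the+seminar"),
    ("POST", "/lms/group_topics.php",
     "title=x&content=%3Cscript%3Ealert%28%27test%27%29%3C%2Fscript%3E"),
    ("POST", "/lms/group_topics.php",
     "content=%3Ca+href%3D%22JavaScript%3Aalert%28%27test%27%29%22%3Elink%3C%2Fa%3E"),
    ("POST", "/lms/forum.php", "content=%3Cscript%3Ealert%28%27test%27%29%3C%2Fscript%3E"),
    ("POST", "/lms/group_topics.php",
     "content=%253Cscript%253Ealert%28%27test%27%29%253C%252Fscript%253E"),
]

def flagged(records):
    """Map record index -> marker names, for records with at least one hit."""
    results = {i: scan_request(*rec) for i, rec in enumerate(records)}
    return {i: hits for i, hits in results.items() if hits}

if __name__ == "__main__":
    for index, hits in flagged(SAMPLES).items():
        print(index, SAMPLES[index][1], hits)
```

Hits are triage candidates rather than confirmed injections: ordinary course text that mentions "javascript:" will also match.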
