Vulnerability DatabaseCVE-2025-66447
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2025-66447
Published:April 10, 2026
Updated:April 23, 2026
Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2.
Affected Packages
https://github.com/chamilo/chamilo-lms.git (GITHUB):
Affected version(s) =v2.0.0-RC.2 <v2.0.0-RC.2
Fix Suggestion:
Update to version v2.0.0-RC.2
https://github.com/chamilo/chamilo-lms.git (GITHUB):
Affected version(s) =v2.0.0-RC.3 <v2.0.0-RC.3
Fix Suggestion:
Update to version v2.0.0-RC.3
https://github.com/chamilo/chamilo-lms.git (GITHUB):
Affected version(s) =v2.0.0-beta.2 <v2.0.0-beta.2
Fix Suggestion:
Update to version v2.0.0-beta.2
https://github.com/chamilo/chamilo-lms.git (GITHUB):
Affected version(s) =v2.0.0-RC.1 <v2.0.0-RC.1
Fix Suggestion:
Update to version v2.0.0-RC.1
https://github.com/chamilo/chamilo-lms.git (GITHUB):
Affected version(s) =v2.0.0-beta.3 <v2.0.0-beta.3
Fix Suggestion:
Update to version v2.0.0-beta.3
https://github.com/chamilo/chamilo-lms.git (GITHUB):
Affected version(s) =v2.0.0 <v2.0.0
Fix Suggestion:
Update to version v2.0.0
https://github.com/chamilo/chamilo-lms.git (GITHUB):
Affected version(s) >=v1.11.0 <v1.11.34
Fix Suggestion:
Update to version v1.11.34
Related ResourcesĀ (2)
https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-m82x-prv3-rwwv
https://github.com/chamilo/chamilo-lms/commit/73ae6293adaa6098374bc22625342dbae5cbc446
Do you need more information?
Contact Us
Weakness Type (CWE)
URL Redirection to Untrusted Site ('Open Redirect')
CWE-601
EPSS
Base Score:
0.03