PT-2026-32022 · Unknown · Chamilo Lms

Published 2026-04-10 · Updated 2026-04-10 · CVE-2026-33707

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3

Description: Chamilo LMS, a learning management system, had a flawed password reset mechanism. Reset tokens were generated as sha1($email), with no random component, no expiration, and no rate limiting. Anyone who knew a user's e-mail address could therefore compute that user's reset token and change the password without authenticating.

Recommendations: Update to version 1.11.38 or 2.0.0-RC.3 to resolve the issue.
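The deterministic scheme described above, placed beside a hardened reset-token flow, as an added example that is not Chamilo's code; the in-memory `$store` array and the function names are assumptions standing in for the application's own persistence layer.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern from the advisory: the token is a pure function of
// the e-mail address, so anyone who knows the address can reproduce it,
// and nothing ever expires or is consumed.
function weakResetToken(string $email): string
{
    return sha1($email);
}

// Hardened issuance (assumed design, not the project's): 32 bytes from the
// CSPRNG, only a hash of the token persisted together with the user id and
// an expiry, and the plaintext token handed out once for out-of-band delivery.
function issueResetToken(array &$store, int $userId, int $ttlSeconds = 3600): string
{
    $token = bin2hex(random_bytes(32));          // 256 bits of entropy
    $store[hash('sha256', $token)] = [
        'user_id' => $userId,
        'expires' => time() + $ttlSeconds,
    ];
    return $token;
}

// Hardened verification: look the record up by its hash, delete it before
// any other check so a token is single-use, then enforce the expiry.
// Returns the user id on success, null otherwise.
function consumeResetToken(array &$store, string $token): ?int
{
    $key = hash('sha256', $token);
    if (!isset($store[$key])) {
        return null;                              // unknown token
    }
    $record = $store[$key];
    unset($store[$key]);                          // consumed, replay rejected
    if ($record['expires'] < time()) {
        return null;                              // expired
    }
    return $record['user_id'];
}

// Constructed check: same input always yields the same weak token, while
// the hardened token works exactly once.
$store = [];
$t = issueResetToken($store, 42, 600);
assert(weakResetToken('user@example.com') === weakResetToken('user@example.com'));
assert(consumeResetToken($store, $t) === 42);
assert(consumeResetToken($store, $t) === null);
```

Rate limiting of reset requests per account and per source, which the advisory also names as missing, belongs in the request handler in front of issueResetToken and is not shown here.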


Related Identifiers: CVE-2026-33707

Affected Products: Chamilo Lms