An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Discovered by - Rivek Raj Tamang (RivuDon), Sikkim, India.
None