PT-2026-52426

Name of the Vulnerable Software and Affected Versions H5P versions prior to 1.17.7 Description An unauthenticated Cross Site Scripting XSS issue exists, allowing an attacker to execute malicious scripts in the browser of a user without requiring authentication. Recommendations Update to a version...

EUVD-2025-205208

Missing Authorization vulnerability in icc0rz H5P h5p allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects H5P: from n/a through = 1.16.1...

PT-2025-53079

Name of the Vulnerable Software and Affected Versions H5P versions through 1.16.1 Description An authorization issue exists in H5P that allows exploitation of incorrectly configured access control security levels. Recommendations Update H5P to a version later than 1.16.1...

PT-2024-28056 · H5P +1 · H5P +1

Name of the Vulnerable Software and Affected Versions: Open eClass versions prior to 3.16 Description: The Open eClass platform, a complete Course Management System, contains an arbitrary file upload vulnerability in the "save" functionality of the H5P module. This vulnerability enables...