4 matches found
EUVD-2026-19786
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-14 and earlier, setCustomPassworduserId, password and deleteUseruserId in the account-management module used an inverted admin check. Because of the inverted condition, authenticated non-admin users were allowed to execute bot...
CVE-2026-35610
CVE-2026-35610 affects PolarLearn; in 0-PRERELEASE-14 and earlier, the account-management module’s setCustomPassword(userId, password) and deleteUser(userId) used an inverted admin check, allowing authenticated non-admin users to perform these actions and effectively escalating privileges. This i...
CVE-2026-35610
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-14 and earlier, setCustomPassworduserId, password and deleteUseruserId in the account-management module used an inverted admin check. Because of the inverted condition, authenticated non-admin users were allowed to execute bot...
PT-2026-30921
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-14 and earlier, setCustomPassworduserId, password and deleteUseruserId in the account-management module used an inverted admin check. Because of the inverted condition, authenticated non-admin users were allowed to execute bot...