82 matches found
CVE-2026-31946
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...
CVE-2026-28228
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. Prior to versions 19.1.31, 20.1.18, and 20.2.5, an authenticated user with the Author role can inject Velocity directives into a reminder email template. When the reminder is processed...
CVE-2026-31946
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...
CVE-2026-28228 OpenOLAT: Server-Side Template Injection (SSTI) in Velocity templates allows Remote Code Execution
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. Prior to versions 19.1.31, 20.1.18, and 20.2.5, an authenticated user with the Author role can inject Velocity directives into a reminder email template. When the reminder is processed...
CVE-2026-28228
OpenOLAT SAS/Velocity SSTI vulnerability (CVE-2026-28228) allows an authenticated author to inject Velocity directives into a reminder email; when processed, directives are evaluated server-side via Velocity #set chained with Java reflection, enabling arbitrary Java class execution (e.g., Process...
CVE-2026-28228 OpenOLAT: Server-Side Template Injection (SSTI) in Velocity templates allows Remote Code Execution
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. Prior to versions 19.1.31, 20.1.18, and 20.2.5, an authenticated user with the Author role can inject Velocity directives into a reminder email template. When the reminder is processed...
CVE-2026-28228
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. Prior to versions 19.1.31, 20.1.18, and 20.2.5, an authenticated user with the Author role can inject Velocity directives into a reminder email template. When the reminder is processed...
CVE-2026-28228 OpenOLAT: Server-Side Template Injection (SSTI) in Velocity templates allows Remote Code Execution
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. Prior to versions 19.1.31, 20.1.18, and 20.2.5, an authenticated user with the Author role can inject Velocity directives into a reminder email template. When the reminder is processed...
EUVD-2026-17201
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. Prior to versions 19.1.31, 20.1.18, and 20.2.5, an authenticated user with the Author role can inject Velocity directives into a reminder email template. When the reminder is processed...
CVE-2026-31946
OpenOLAT OpenID Connect implicit flow (versions 10.5.4–before 20.2.5) does not verify JWT signatures. The JSONWebToken.parse() method discards the signature segment, and getAccessToken() validates only issuer/audience/state/nonce, without cryptographic verification against the IdP’s JWKS. This ca...
EUVD-2026-17207
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...
CVE-2026-31946 OpenOLAT: Authentication bypass via forged JWT in OIDC implicit flow
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...
CVE-2026-31946 OpenOLAT: Authentication bypass via forged JWT in OIDC implicit flow
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...
CVE-2026-31946 OpenOLAT: Authentication bypass via forged JWT in OIDC implicit flow
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...
CVE-2026-31946
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. From version 10.5.4 to before version 20.2.5, OpenOLAT's OpenID Connect implicit flow implementation does not verify JWT signatures. The JSONWebToken.parse method silently discards the...
OpenOLAT 安全漏洞
OpenOLAT is an open-source web-based e-learning platform used for teaching, learning, assessment, and communication. It serves as a Learning Management System. Versions of OpenOLAT prior to 19.1.31, 20.1.18, and 20.2.5 had security vulnerabilities. These vulnerabilities stemmed from allowing...
PT-2026-29118
Name of the Vulnerable Software and Affected Versions OpenOlat versions prior to 19.1.31 OpenOlat versions prior to 20.1.18 OpenOlat versions prior to 20.2.5 Description OpenOlat is a web-based e-learning platform. Prior to versions 19.1.31, 20.1.18, and 20.2.5, an authenticated user with the...
PT-2026-29122
Name of the Vulnerable Software and Affected Versions OpenOlat versions 10.5.4 through 20.2.4 Description OpenOlat is a web-based e-learning platform. The OpenID Connect implicit flow implementation does not verify JSON Web Token JWT signatures. The JSONWebToken.parse method discards the signatur...
OpenOLAT 数据伪造问题漏洞
OpenOLAT is an open-source web-based e-learning platform used for teaching, learning, assessment, and communication. It serves as a Learning Management System. Versions of OpenOLAT from 10.5.4 to 20.2.5 contained a data manipulation vulnerability. This vulnerability stemmed from the implicit flow...
CVE-2021-41242
OpenOlat is a web-basedlearning management system. A path traversal vulnerability exists in OpenOlat prior to versions 15.5.12 and 16.0.5. By providing a filename that contains a relative path as a parameter in some REST methods, it is possible to create directory structures and write files...