10 matches found
CVE-2026-24666
The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a Cross-Site Request Forgery CSRF vulnerability in multiple teacher-restricted endpoints allows attackers to induce authenticated teachers to perform unintended actions, such as...
CVE-2026-24666 Open eClass is Vulnerable to CSRF in Teacher-Restricted Endpoints Allows Unauthorized Actions
The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a Cross-Site Request Forgery CSRF vulnerability in multiple teacher-restricted endpoints allows attackers to induce authenticated teachers to perform unintended actions, such as...
CVE-2026-24666 Open eClass is Vulnerable to CSRF in Teacher-Restricted Endpoints Allows Unauthorized Actions
The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a Cross-Site Request Forgery CSRF vulnerability in multiple teacher-restricted endpoints allows attackers to induce authenticated teachers to perform unintended actions, such as...
CVE-2026-24666 Open eClass is Vulnerable to CSRF in Teacher-Restricted Endpoints Allows Unauthorized Actions
The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a Cross-Site Request Forgery CSRF vulnerability in multiple teacher-restricted endpoints allows attackers to induce authenticated teachers to perform unintended actions, such as...
CVE-2026-24666
The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a Cross-Site Request Forgery CSRF vulnerability in multiple teacher-restricted endpoints allows attackers to induce authenticated teachers to perform unintended actions, such as...
EUVD-2026-5229
The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a Cross-Site Request Forgery CSRF vulnerability in multiple teacher-restricted endpoints allows attackers to induce authenticated teachers to perform unintended actions, such as...
CVE-2026-24666
Open eClass (formerly GUnet eClass) is affected by a CSRF vulnerability in multiple teacher-restricted endpoints prior to version 4.2. The issue allows authenticated teachers to be induced into performing unintended actions (e.g., modifying assignment grades) via crafted requests. The vulnerabili...
Open eClass 跨站请求伪造漏洞
Open eClass is an open-source e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from cross-site request forgery occurring at multiple teacher-restricted endpoints,...
PT-2026-6198
Name of the Vulnerable Software and Affected Versions Open eClass versions prior to 4.2 Description The Open eClass platform, previously known as GUnet eClass, is a course management system. A Cross-Site Request Forgery CSRF issue exists in teacher-restricted endpoints prior to version 4.2. This...
CVE-2025-65670
CVE-2025-65670 describes an insecure direct object reference (IDOR) in classroomio 0.1.13. The issue lets students manipulate the URL course ID to access sensitive admin/teacher endpoints, causing unauthorized disclosure of course, admin, and student data. The leak is described as momentary befor...