CVE-2015-2186
The CVE-2015-2186 entry concerns the Ansible edxapp role in the edX Configuration Repo. The vulnerability arises from using the string literal "False" instead of a boolean False for CORS_ORIGIN_ALLOW_ALL, enabling remote sites to spoof edX accounts. The issue affected the edX configuration but wa...