Lucene search
+L

298 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:13 a.m.7 views

CVE-2016-10766

edx-platform before 2016-06-06 allows CSRF...

8.8CVSS7AI score0.00604EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:10 a.m.10 views

CVE-2016-10765

edx-platform before 2016-06-10 allows account activation with a spoofed e-mail address...

5.3CVSS6.9AI score0.0076EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:33 a.m.8 views

CVE-2017-18380

edx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name...

7.5CVSS6.9AI score0.01079EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.7 views

CVE-2019-20512

Open edX Ironwood.1 allows support/certificates?courseid= reflected XSS...

6.1CVSS7AI score0.0041EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/17 7:0 p.m.13 views

CVE-2025-68270

The Open edX Platform is a learning management platform. Prior to commit 05d0d0936daf82c476617257aa6c35f0cd4ca060, CourseLimitedStaffRole users are able to access and edit courses in studio if they are granted the role on an org rather than on a course, and CourseLimitedStaffRole users are able t...

9.9CVSS6.8AI score0.0028EPSS
Exploits0References1
NVD
NVD
added 2025/12/16 7:16 p.m.5 views

CVE-2025-68270

The Open edX Platform is a learning management platform. Prior to commit 05d0d0936daf82c476617257aa6c35f0cd4ca060, CourseLimitedStaffRole users are able to access and edit courses in studio if they are granted the role on an org rather than on a course, and CourseLimitedStaffRole users are able t...

9.9CVSS0.0028EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/16 6:26 p.m.6 views

EUVD-2025-203830

The Open edX Platform is a learning management platform. Prior to commit 05d0d0936daf82c476617257aa6c35f0cd4ca060, CourseLimitedStaffRole users are able to access and edit courses in studio if they are granted the role on an org rather than on a course, and CourseLimitedStaffRole users are able t...

9.9CVSS6.3AI score0.0028EPSS
Exploits0References4
OSV
OSV
added 2025/12/16 6:26 p.m.5 views

CVE-2025-68270 CourseLimitedStaff Role Allows Studio Access

The Open edX Platform is a learning management platform. Prior to commit 05d0d0936daf82c476617257aa6c35f0cd4ca060, CourseLimitedStaffRole users are able to access and edit courses in studio if they are granted the role on an org rather than on a course, and CourseLimitedStaffRole users are able t...

9.9CVSS6.7AI score0.0028EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.10 views

Open edX Platform 安全漏洞

Open edX Platform is an open source course management system CMS from Open edX Open Source. The system can be used for MOOCs Massive Open Online Courses as well as smaller courses and training modules. A security vulnerability exists in Open edX Platform that stems from improperly assigned...

9.9CVSS6.5AI score0.0028EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.9 views

PT-2025-51780

The Open edX Platform is a learning management platform. Prior to commit 05d0d0936daf82c476617257aa6c35f0cd4ca060, CourseLimitedStaffRole users are able to access and edit courses in studio if they are granted the role on an org rather than on a course, and CourseLimitedStaffRole users are able t...

9.9CVSS6.8AI score0.0028EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/12/01 10:24 p.m.6 views

CVE-2025-65681

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS6.6AI score0.00199EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/11/26 9:31 p.m.7 views

Overhang Tutor Discloses Sensitive Information due to Improper Cache-Control

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS6.6AI score0.00199EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2025/11/26 9:31 p.m.9 views

EUVD-2025-199747

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

6AI score0.00199EPSS
Exploits0References4
OSV
OSV
added 2025/11/26 9:31 p.m.5 views

GHSA-GQ25-78JF-V78C Overhang Tutor Discloses Sensitive Information due to Improper Cache-Control

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS6.5AI score0.00199EPSS
Exploits0References5
Snyk
Snyk
added 2025/11/26 7:41 p.m.4 views

Use of Cache Containing Sensitive Information

Overview tutor is a The Docker-based Open edX distribution designed for peace of mind Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information due to the absence of proper cache-control HTTP headers and insufficient client-side session validation. An...

4.6CVSS6.5AI score0.00199EPSS
Exploits0References2
PyPA
PyPA
added 2025/11/26 7:15 p.m.32 views

PYSEC-2025-219

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS5.8AI score0.00199EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/11/26 7:15 p.m.6 views

CVE-2025-65681

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS0.00199EPSS
Exploits0References3
OSV
OSV
added 2025/11/26 7:15 p.m.13 views

PYSEC-2025-219

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS5.8AI score0.00199EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/26 12:0 a.m.13 views

CVE-2025-65681

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

0.00199EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/26 12:0 a.m.4 views

CVE-2025-65681

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

6.2AI score0.00199EPSS
Exploits0References3
Rows per page
Query Builder