Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-0127

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00384EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.3 views

Autolab 跨站脚本漏洞

Autolab is an open source course management service from Autolab. It supports automatically graded programming assignments. A cross-site scripting vulnerability exists in Autolab version 3.0.1, which stems from the presence of an HTML injection vulnerability that could affect instructors and CAs ...

5.4CVSS6.3AI score0.00256EPSS
Exploits0References2
PyPA
PyPA
added 2023/01/26 9:18 p.m.5 views

PYSEC-2023-21

LTI Consumer XBlock implements the consumer side of the LTI specification enabling integration of third-party LTI provider tools. Versions 7.0.0 and above, prior to 7.2.2, are vulnerable to Missing Authorization. Any LTI tool that is integrated with on the Open edX platform can post a grade back...

5.4CVSS7.2AI score0.00384EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/01/26 9:18 p.m.25 views

Authorization

LTI Consumer XBlock implements the consumer side of the LTI specification enabling integration of third-party LTI provider tools. Versions 7.0.0 and above, prior to 7.2.2, are vulnerable to Missing Authorization. Any LTI tool that is integrated with on the Open edX platform can post a grade back...

5.5CVSS5.5AI score0.00384EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/01/25 5:39 a.m.31 views

CVE-2023-23611 xblock-lti-consumer contain Missing Authorization in Grade Pass Back Implementation

LTI Consumer XBlock implements the consumer side of the LTI specification enabling integration of third-party LTI provider tools. Versions 7.0.0 and above, prior to 7.2.2, are vulnerable to Missing Authorization. Any LTI tool that is integrated with on the Open edX platform can post a grade back...

5.4CVSS5.6AI score0.00384EPSS
Exploits0References3
CVE
CVE
added 2023/01/25 5:39 a.m.136 views

CVE-2023-23611

The CVE-2023-23611 entry concerns the LTI Consumer XBlock for Open edX. Affected: LTI Consumer XBlock versions 7.0.0 and above, before 7.2.2. Issue: Missing Authorization allows any integrated LTI tool to post grades for any LTI XBlock by guessing the block location via the resource_link_id, comp...

5.4CVSS5.4AI score0.00384EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/25 12:0 a.m.6 views

PT-2023-19073 · Open Edx · Lti Consumer Xblock

Name of the Vulnerable Software and Affected Versions: LTI Consumer XBlock versions 7.0.0 through 7.2.2 Description: The LTI Consumer XBlock implements the consumer side of the LTI specification, enabling integration of third-party LTI provider tools. Any LTI tool integrated with the Open edX...

5.4CVSS7.4AI score0.00384EPSS
Exploits0References9
Rows per page
Query Builder