RSS   Vulnerabilities for 'Open eclass platform'   RSS

2022-06-11
 
CVE-2021-44266

CWE-79
 
 
GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter.

 
2020-08-19
 
CVE-2020-24381

CWE-200
 
 
** DISPUTED ** GUnet Open eClass Platform (aka openeclass) through 3.9.2 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings. NOTE: this is disputed because it only affects misconfigured installations.

 

Copyright 2024, cxsecurity.com

 

Back to Top