Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Edx-platform'
2019-07-30
CVE-2018-20859
CWE-20
edx-platform before 2018-07-18 allows XSS via a response to a Chemical Equation advanced problem.
CVE-2017-18381
CWE-254
The installation process in Open edX before 2017-01-10 exposes a MongoDB instance to external connections with default credentials.
CVE-2017-18380
CWE-284
edx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name.
2019-07-29
CVE-2016-10766
CWE-352
edx-platform before 2016-06-06 allows CSRF.
CVE-2016-10765
CWE-20
edx-platform before 2016-06-10 allows account activation with a spoofed e-mail address.
CVE-2015-6960
CWE-79
edx-platform before 2015-09-17 allows XSS via a team name.
CVE-2015-6253
CWE-79
edx-platform before 2015-08-17 allows XSS in the Studio listing of courses.
CVE-2015-5601
CWE-434
edx-platform before 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files.
>>>
Vendor:
Open.edx
2
Produkty
Edx-platform
Ironwood
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Edx-platform' 
Polish
English