Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
edx vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-6960
edx-platform prior to 2015-09-17 allows XSS via a team name.
Edx Edx-platform
8.8
CVSSv3
CVE-2015-5601
edx-platform prior to 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files.
Edx Edx-platform
6.1
CVSSv3
CVE-2022-32195
Open edX platform prior to 2022-06-06 allows XSS via the "next" parameter in the logout URL.
Edx Open Edx
5.4
CVSSv3
CVE-2015-6253
edx-platform prior to 2015-08-17 allows XSS in the Studio listing of courses.
Edx Edx-platform
8.8
CVSSv3
CVE-2020-13144
Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create New course>New section>New subsection>New unit>Add new component>Problem button>Advanced tab>Custom Python evaluated code" screen, edit the problem, and e...
Edx Open Edx Platform 2.5
8.8
CVSSv3
CVE-2020-13146
Studio in Open edX Ironwood 2.5 allows CSV injection because an added cohort in Course>Instructor>Cohorts may contain a formula that is exported via the "Course>Data Downloads>Reports>Download profile info" feature.
Edx Open Edx Platform 2.5
5.4
CVSSv3
CVE-2020-13145
Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "Content>File Uploads" screen. These files can contain JavaScript code and thus lead to Stored XSS.
Edx Open Edx Platform 2.5
6.1
CVSSv3
CVE-2019-20513
Open edX Ironwood.1 allows support/certificates?user= reflected XSS.
Edx Open Edx 2019-03-15
6.1
CVSSv3
CVE-2018-20858
Recommender prior to 2018-07-18 allows XSS.
Edx Recommender
6.1
CVSSv3
CVE-2019-20512
Open edX Ironwood.1 allows support/certificates?course_id= reflected XSS.
Open.edx Ironwood .1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »