OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX that could allow unauthorized access
OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution enviro
The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the python_lib.zip asset from c
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forg
OpenLearn is open-source educational forum software. Prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab, when `safeMode` is enabled, unapproved forum posts are hidden from the public list, but t
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, POST /api/v1/auth/sign-in creates a valid session for banned accounts before verifying the supplied password. Tha
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-14 and earlier, setCustomPassword(userId, password) and deleteUser(userId) in the account-management module used an inverted adm
The Open edX Platform is a learning management platform. Prior to commit 05d0d0936daf82c476617257aa6c35f0cd4ca060, CourseLimitedStaffRole users are able to access and edit courses in studio if they ar
Open edX Platform enables the authoring and delivery of online learning at any scale. The view_survey endpoint accepts a redirect_url GET parameter that is passed directly to HttpResponseRedirect() wi
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, a timing attack vulnerability in the sign-in process allows unauthenticated attackers to determine if a specific
Open edX Platform enables the authoring and delivery of online learning at any scale. From the maple release to before the ulmo release, an unauthenticated attacker can fully bypass the email verifica
A cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load() due to improp
Open edX Platform enables the authoring and delivery of online learning at any scale. The sync_provider_data endpoint in SAMLProviderDataViewSet allows authenticated Enterprise Admin users to supply a
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to version 17.6, Opencast would incorrectly send the hashed global system account crede
A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper au
Student Learning Assessment and Support System developed by JHENG GAO has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtai
The Open edX Platform is a learning management platform. Instructors can upload csv files containing learner information to create cohorts in the instructor dashboard. These files are uploaded using t
A flaw was found in Moodle. An open redirect vulnerability in the OAuth login flow allows a remote attacker to redirect users to attacker-controlled pages after they have successfully authenticated. T
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 17.8 and 18.2, the paella would include and render some user inputs (metada
Page 1+ Next →