VYPR

edxapp role

by Edx

CVEs (1)

  • CVE-2015-2186HigFeb 3, 2018
    risk 0.49cvss 7.5epss 0.01

    The Ansible edxapp role in the Configuration Repo in edX allows remote websites to spoof edX accounts by leveraging use of the string literal "False" instead of a boolean False for the CORS_ORIGIN_ALLOW_ALL setting. Note: this vulnerability was fixed on 2015-03-06, but the…