VYPR

Xerte Online Toolkits

by Apereo

CVEs (1)

  • CVE-2026-32985CriMar 20, 2026
    risk 0.72cvss 9.8epss 0.01

    Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality that allows remote attackers to execute arbitrary code by uploading a crafted ZIP archive containing malicious PHP payloads.…