VYPR

Clickedu

by Sanoma

CVEs (3)

  • CVE-2025-40650HigMay 26, 2025
    risk 0.57cvss epss 0.00

    Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. This vulnerability could allow an attacker to retrieve information about student report cards.

  • CVE-2026-5010MedMar 27, 2026
    risk 0.33cvss epss 0.00

    A reflected Cross-Site Scripting (XSS) vulnerability has been discovered in Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim’s browser by sending them a malicious URL using the endpoint “/user.php/”. This vulnerability can be…

  • CVE-2025-41070MedDec 1, 2025
    risk 0.31cvss epss 0.00

    Reflected Cross-site Scripting (XSS) vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetes_varies.php'. This vulnerability can be exploited to steal…