VYPR

Adapt Authoring

by Adaptlearning

Source repositories

CVEs (2)

  • CVE-2024-50672CriNov 25, 2024
    risk 0.67cvss 9.8epss 0.02

    A NoSQL injection vulnerability in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature. The vulnerability occurs due to insufficient validation of user input, which is…

  • CVE-2024-50671MedNov 25, 2024
    risk 0.28cvss 4.3epss 0.00

    Incorrect access control in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows attackers with Authenticated User roles to obtain email addresses via the "Get users" feature. The vulnerability occurs due to a flaw in permission verification logic, where the wildcard character…