VYPR
Vendor

Open EdX Platform

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2015-5601HigJul 29, 2019
    risk 0.57cvss 8.8epss 0.01

    edx-platform before 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files.

  • CVE-2015-6960MedJul 29, 2019
    risk 0.40cvss 6.1epss 0.01

    edx-platform before 2015-09-17 allows XSS via a team name.

  • CVE-2015-6253MedJul 29, 2019
    risk 0.35cvss 5.4epss 0.01

    edx-platform before 2015-08-17 allows XSS in the Studio listing of courses.

  • CVE-2016-10765MedJul 29, 2019
    risk 0.28cvss 5.3epss 0.01

    edx-platform before 2016-06-10 allows account activation with a spoofed e-mail address.

  • CVE-2024-22209MedJan 13, 2024
    risk 0.00cvss 6.4epss 0.01

    Open edX Platform is a service-oriented platform for authoring and delivering online learning. A user with a JWT and more limited scopes could call endpoints exceeding their access. This vulnerability has been patched in commit 019888f.