Openedx
Recent CVEs
| CVE | Sev | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|---|
| CVE-2025-68270 | Critical | 0.64 | 9.9 | 0.00 | Dec 16, 2025 | The Open edX Platform is a learning management platform. Prior to commit 05d0d0936daf82c476617257aa6c35f0cd4ca060, CourseLimitedStaffRole users are able to access and edit courses in studio if they are granted the role on an org rather than on a course, and… |
| CVE-2026-42860 | High | 0.48 | 8.5 | 0.00 | May 11, 2026 | The Open edX Enterprise Service app provides enterprise features to the Open edX platform. From 7.0.2 to 7.0.4, the sync_provider_data endpoint in SAMLProviderDataViewSet fetches SAML metadata from a URL stored in SAMLProviderConfig.metadata_source. An authenticated user with… |
| CVE-2026-42858 | High | 0.48 | 8.5 | 0.00 | May 11, 2026 | Open edX Platform enables the authoring and delivery of online learning at any scale. The sync_provider_data endpoint in SAMLProviderDataViewSet allows authenticated Enterprise Admin users to supply an arbitrary URL via the metadata_url POST parameter. This URL is passed… |
| CVE-2015-6671 | Medium | 0.38 | 5.9 | 0.01 | Mar 13, 2017 | Open edX edx-platform before 2015-08-25 requires use of the database for storage of SAML SSO secrets, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging access to a database backup. |
| CVE-2026-34736 | Medium | 0.27 | 5.3 | 0.00 | Apr 2, 2026 | Open edX Platform enables the authoring and delivery of online learning at any scale. From the maple release to before the ulmo release, an unauthenticated attacker can fully bypass the email verification process by combining two issues: the OAuth2 password grant issuing tokens… |
| CVE-2025-47942 | Medium | 0.27 | 5.3 | 0.00 | May 21, 2025 | The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the python_lib.zip asset from courses, which is a concern since it often contains custom grading code or… |
| CVE-2024-41806 | Medium | 0.27 | 5.3 | 0.00 | Jul 25, 2024 | The Open edX Platform is a learning management platform. Instructors can upload csv files containing learner information to create cohorts in the instructor dashboard. These files are uploaded using the django default storage. With certain storage backends, uploads may become… |
| CVE-2026-35404 | Medium | 0.24 | 4.7 | 0.00 | Apr 6, 2026 | Open edX Platform enables the authoring and delivery of online learning at any scale. The view_survey endpoint accepts a redirect_url GET parameter that is passed directly to HttpResponseRedirect() without any URL validation. When a non-existent survey name is provided, the… |
| CVE-2026-42857 | Medium | 0.23 | 4.6 | 0.00 | May 11, 2026 | Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer clean_thread_html_body() used for discussion notification emails fails to remove tags from user-generated discussion post content. This content is rendered with… |
| CVE-2025-69784 | | 0.00 | — | 0.00 | Mar 16, 2026 | A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by the product. By redirecting this path to a user-writable location, an attacker can cause OpenEDR to load an… |
| CVE-2025-69783 | | 0.00 | — | 0.00 | Mar 16, 2026 | A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe). This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged… |
| CVE-2024-43782 | | 0.00 | — | 0.01 | Aug 23, 2024 | This openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex. Before moving to pulling translations from the openedx-translations repository via openedx-atlas, translations in the edx-platform repository were… |
| CVE-2024-22209 | | 0.00 | — | 0.01 | Jan 13, 2024 | Open edX Platform is a service-oriented platform for authoring and delivering online learning. A user with a JWT and more limited scopes could call endpoints exceeding their access. This vulnerability has been patched in commit 019888f. |
| CVE-2023-23611 | | 0.00 | — | 0.00 | Jan 25, 2023 | LTI Consumer XBlock implements the consumer side of the LTI specification enabling integration of third-party LTI provider tools. Versions 7.0.0 and above, prior to 7.2.2, are vulnerable to Missing Authorization. Any LTI tool that is integrated with the Open edX platform can… |
| CVE-2022-46147 | | 0.00 | — | 0.01 | Nov 28, 2022 | Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag items to zones on a target image. Versions prior to 3.0.0 are vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that has deployed the XBlock may be impacted.… |
| CVE-2022-32195 | | 0.00 | — | 0.02 | Jun 9, 2022 | Open edX platform before 2022-06-06 allows XSS via the "next" parameter in the logout URL. |
| CVE-2021-39248 | | 0.00 | — | 0.01 | Aug 17, 2021 | Open edX through Lilac.1 allows XSS in common/static/common/js/discussion/utils.js via crafted LaTeX content within a discussion. |
| CVE-2019-20513 | | 0.00 | — | 0.00 | Mar 19, 2020 | Open edX Ironwood.1 allows support/certificates?user= reflected XSS. |