Edx Open Edx vulnerabilities
3 known vulnerabilities affecting edx/open_edx.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2022-32195P3MEDIUMCVSS 6.1PoCfixed in 2022-06-062022-06-09
CVE-2022-32195 [MEDIUM] CWE-79 CVE-2022-32195: Open edX platform before 2022-06-06 allows XSS via the "next" parameter in the logout URL.
Open edX platform before 2022-06-06 allows XSS via the "next" parameter in the logout URL.
nvd
CVE-2015-2286P4MEDIUMCVSS 6.5≤ 2015-01-272016-03-19
CVE-2015-2286 [MEDIUM] CWE-200 CVE-2015-2286: lms/templates/footer-edx-new.html in Open edX edx-platform before 2015-01-29 does not properly restr
lms/templates/footer-edx-new.html in Open edX edx-platform before 2015-01-29 does not properly restrict links on the password-reset page, which allows user-assisted remote attackers to discover password-reset tokens by reading a referer log after a victim navigates from this page to a social-sharing site.
nvd
CVE-2019-20513P4MEDIUMCVSS 6.1v2019-03-152020-03-19
CVE-2019-20513 [MEDIUM] CWE-79 CVE-2019-20513: Open edX Ironwood.1 allows support/certificates?user= reflected XSS.
Open edX Ironwood.1 allows support/certificates?user= reflected XSS.
nvd