Vulnerabilities in openedx
12 results

CVE-2022-46147 | HIGH | Drag and Drop XBlock v2 has XSS Issues in Xblock Input Fields | EPSS 0.8%
CVE-2024-22209 | MEDIUM | XBlock custom auth does not respect JWT Scopes | EPSS 0.6%
CVE-2024-43782 | HIGH | openedx-translations's Atlas translations for Open edX missing validation | EPSS 0.5%
CVE-2023-23611 | MEDIUM | xblock-lti-consumer contain Missing Authorization in Grade Pass Back Implementation | EPSS 0.4%
CVE-2026-42858 | HIGH | Open edX Platform: Server-Side Request Forgery (SSRF) in SAML Provider Data Sync Endpoint | EPSS 0.4%
CVE-2025-47942 | MEDIUM | Learners on edX Platform can download python_lib.zip | EPSS 0.4%
CVE-2024-41806 | MEDIUM | Open edX Platform's instructor upload CSV for cohort creation not Private by Default | EPSS 0.3%
CVE-2026-42860 | HIGH | Open edx Enterprise Service: SSRF via SAML metadata URL in sync_provider_data endpoint | EPSS 0.3%
CVE-2025-68270 | CRITICAL | CourseLimitedStaff Role Allows Studio Access | EPSS 0.3%
CVE-2026-35404 | MEDIUM | Open edX Platform has an Open Redirect in Survey Views via Unvalidated redirect_url Parameter | EPSS 0.2%
CVE-2026-34736 | MEDIUM | Open edX Platform: Account Activation Bypass via activation_key Exposure in REST API | EPSS 0.2%
CVE-2026-42857 | MEDIUM | Open edX Platform: Stored CSS Injection in Email Notifications via Incomplete HTML Sanitization | EPSS 0.2%