cpe:2.3:a:openedx:openedx:*:*:*:*:*:*:*:*

| Field | Value |
|---|---|
| Part | a |
| Vendor | Openedx (8807f8bb-3bb8-5382-a5ab-55934ce0e075) |
| Product | Openedx (339d00e6-2a56-511b-a8c7-1d64db51cb7d) |
| Version | * |
| Update | * |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings

| PURL | Source | Last updated |
|---|---|---|
| pkg:github/openedx/openedx-translations | purl2cpe | 2026-06-01 10:16:04.802072 |
Vulnerability references

| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
| CVE:CVE-2026-42858 | vulnerable | 2026-06-08 08:03:16.831734 | Open edX Platform: Server-Side Request Forgery (SSRF) in SAML Provider Data Sync Endpoint. Severity: HIGH (8.5). Open edX Platform enables the authoring and delivery of online learning at any scale. The sync_provider_data endpoint in SAMLProviderDataViewSet allows authenticated Enterprise Admin users to supply an arbitrary URL via the metadata_url POST parameter. This URL is passed directly to requests.get() in fetch_metadata_xml() without any URL validation, IP filtering, or scheme enforcement. An attacker with Enterprise Admin privileges can force the server to make HTTP requests to internal network services, cloud metadata endpoints (e.g., AWS 169.254.169.254), or other attacker-controlled destinations. This vulnerability is fixed by commits 6fda1f120ff5a590d120ae1180185525f399c6d0 and 70a56246dd9c9df57c596e64bdd8a11b1d9da054. Published: 2026-05-11T17:30:59.724Z. Updated: 2026-05-12T16:16:54.596Z | Imported from gcve-enriched-dumps CVE data |
| CVE:CVE-2026-42857 | vulnerable | 2026-06-08 08:03:16.831249 | Open edX Platform: Stored CSS Injection in Email Notifications via Incomplete HTML Sanitization. Severity: MEDIUM (4.6). Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer clean_thread_html_body() used for discussion notification emails fails to remove `<style>` tags from user-generated discussion post content. This content is rendered with Django's `\|safe` template filter in email notification templates, allowing any enrolled student to inject arbitrary CSS into email notifications sent to other users. This enables email tracking (IP address disclosure), content spoofing, and phishing attacks. This vulnerability is fixed with commit cddc25cd791bb78f76833896e4778f668861df12. Published: 2026-05-11T17:32:40.940Z. Updated: 2026-05-13T14:40:55.961Z | Imported from gcve-enriched-dumps CVE data |
| CVE:CVE-2026-35404 | vulnerable | 2026-06-08 07:59:13.838462 | Open edX Platform has an Open Redirect in Survey Views via Unvalidated redirect_url Parameter. Severity: MEDIUM (4.7). Open edX Platform enables the authoring and delivery of online learning at any scale. The view_survey endpoint accepts a redirect_url GET parameter that is passed directly to HttpResponseRedirect() without any URL validation. When a non-existent survey name is provided, the server issues an immediate HTTP 302 redirect to the attacker-controlled URL. Additionally, the same unvalidated URL is embedded in a hidden form field and returned in a JSON response after form submission, where client-side JavaScript performs location.href = url. This enables phishing and credential theft attacks against authenticated Open edX users. This vulnerability is fixed with commit 76462f1e5fa9b37d2621ad7ad19514b403908970. Published: 2026-04-06T21:22:29.562Z. Updated: 2026-05-11T17:29:17.591Z | Imported from gcve-enriched-dumps CVE data |