Learnhouse
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:learnhouse:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Learnhouse (d8c6539e-66a9-5139-82bb-e5fd0ad660c8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-12276 |
vulnerable | 2026-06-08 07:04:29.969580 |
LearnHouse Image information disclosure
MEDIUM (4.3)
A vulnerability was detected in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. Affected by this issue is some unknown functionality of the component Image Handler. The manipulation results in information disclosure. The attack can be executed remotely. The exploit is now public and may be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-10-27T13:02:05.167Z
Updated: 2025-10-27T20:14:46.615Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12270 |
vulnerable | 2026-06-08 07:04:29.958017 |
LearnHouse Student Assignment Submission sub_file resource injection
MEDIUM (4.3)
A vulnerability was determined in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The impacted element is an unknown function of the file /api/v1/assignments/{assignment_id}/tasks/{task_id}/sub_file of the component Student Assignment Submission Handler. This manipulation causes improper control of resource identifiers. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-10-27T12:02:07.011Z
Updated: 2025-10-27T13:16:14.087Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12269 |
vulnerable | 2026-06-08 07:04:29.957497 |
LearnHouse Account Setting previews cross site scripting
LOW (3.5)
A vulnerability was found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The affected element is an unknown function of the file /dash/org/settings/previews of the component Account Setting Page. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-10-27T11:32:08.512Z
Updated: 2025-10-27T13:17:47.154Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12268 |
vulnerable | 2026-06-08 07:04:29.956224 |
LearnHouse Course Thumbnail courses unrestricted upload
MEDIUM (6.3)
A vulnerability has been found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. Impacted is an unknown function of the file /api/v1/courses/ of the component Course Thumbnail Handler. The manipulation of the argument thumbnail leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-10-27T11:32:06.104Z
Updated: 2025-10-27T13:18:34.621Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.