CNNVD-202512-2781 Information
CNNVD ID
CNNVD-202512-2781
Related CVE
- CNNVD Published: 2025-12-16
Description (Chinese)
Open edX Platform是Open edX开源的一套开源的课程管理系统(CMS)。该系统可用于MOOCs(大规模网络开放课程)以及较小的课程和培训模块。 Open edX Platform存在安全漏洞,该漏洞源于CourseLimitedStaffRole用户权限分配不当,可能导致未经授权的课程访问和编辑。
Description (English)
Open edX Platform is an open-source course management system (CMS) for Open edX open source. The system could be used for MOOCs (large-scale open web courses) and smaller courses and training modules. Open edX Platform has a security loophole, which stems from the misallocation of user privileges to Court LimitedStaffRole, which may lead to unauthorized course access and editing.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Open edX
Published
2025-12-16
Last Modified
2026-02-24
References
https://github.com/openedx/edx-platform/commit/05d0d0936daf82c476617257aa6c35f0cd4ca060 https://github.com/openedx/edx-platform/pull/37772 https://github.com/openedx/edx-platform/pull/37773 https://github.com/openedx/edx-platform/security/advisories/GHSA-rh64-vc2h-7wfj
Patch
https://github.com/openedx/edx-platform/releases
Share on: