CNNVD-202602-318 Information
CNNVD ID
CNNVD-202602-318
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Open eClass是Greek Universities Network开源的一个电子课堂系统。 Open eClass 4.2之前版本存在跨站脚本漏洞,该漏洞源于存在反射型跨站脚本,可能导致远程攻击者通过恶意URL在已认证用户环境中执行任意JavaScript。
Description (English)
Open eClass is an electronic classroom system that is an open source for Greek United Nations Network. The previous version of Open eClass 4.2 had a cross-site script loophole, which stemmed from the existence of a reflector-type cross-site script and could lead to the implementation of any JavaScript in an accredited user environment by remote assailants through malicious URLs.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Greek Universities Network
Published
2026-02-03
Last Modified
2026-02-24
References
https://github.com/gunet/openeclass/security/advisories/GHSA-gqvp-w22w-w99r https://access.redhat.com/security/cve/cve-2026-24674
Patch
https://github.com/gunet/openeclass/tags
Share on: