CNNVD-202602-319 Information

CNNVD ID

CNNVD-202602-319

Related CVE

CVE-2026-24671

• CNNVD Published: 2026-02-03

Description (Chinese)

Open eClass是Greek Universities Network开源的一个电子课堂系统。 Open eClass 4.2之前版本存在跨站脚本漏洞，该漏洞源于多个用户可控输入字段存在存储型跨站脚本，可能导致高权限用户注入恶意JavaScript。

Description (English)

Open eClass is an electronic classroom system that is an open source for Greek United Nations Network. The previous Open eClass 4.2 version had a cross-site script loophole, which stemmed from the existence of storage-type cross-site scripts in multiple user-controlled input fields, which could lead to the injection of malice JavaScript by high-authorization users.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Greek Universities Network

Published

2026-02-03

Last Modified

2026-02-24

References

https://github.com/gunet/openeclass/security/advisories/GHSA-2x83-4fh2-fcw7 https://access.redhat.com/security/cve/cve-2026-24671

Patch

https://github.com/gunet/openeclass/tags