CNNVD-202602-321 Information

CNNVD ID

CNNVD-202602-321

Related CVE

CVE-2026-24672

• CNNVD Published: 2026-02-03

Description (Chinese)

Open eClass是Greek Universities Network开源的一个电子课堂系统。 Open eClass 4.2之前版本存在跨站脚本漏洞，该漏洞源于用户个人资料字段存在存储型跨站脚本，可能导致已认证学生注入恶意JavaScript。

Description (English)

Open eClass is an electronic classroom system that is an open source for Greek United Nations Network. The previous version of Open eClass 4.2 had a cross-site script loophole, which stemmed from the existence of a stored cross-site script in the user’s personal data field, which could result in the introduction of malicious JavaScript by certified students.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Greek Universities Network

Published

2026-02-03

Last Modified

2026-02-24

References

https://github.com/gunet/openeclass/security/advisories/GHSA-3p2x-qgxw-qvxh https://access.redhat.com/security/cve/cve-2026-24672

Patch

https://github.com/gunet/openeclass/tags