CNNVD-202602-322 Information

CNNVD ID

CNNVD-202602-322

Related CVE

CVE-2026-24669

• CNNVD Published: 2026-02-03

Description (Chinese)

Open eClass是Greek Universities Network开源的一个电子课堂系统。 Open eClass 4.2之前版本存在代码问题漏洞，该漏洞源于不安全的密码重置机制，可能导致本地攻击者重用已使用的密码重置令牌，从而进行未经授权的密码更改。

Description (English)

Open eClass is an electronic classroom system that is an open source for Greek United Nations Network. Prior to Open eClass 4.2, there was a code gap, which stemmed from an unsafe password resetting mechanism, which could lead local assailants to reset their used passwords, thereby making unauthorized password changes.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Greek Universities Network

Published

2026-02-03

Last Modified

2026-02-24

References

https://github.com/gunet/openeclass/security/advisories/GHSA-gcqq-fxw6-f866 https://access.redhat.com/security/cve/cve-2026-24669

Patch

https://github.com/gunet/openeclass/tags