Please report security issues to eclass@gunet.gr
Security: gunet/openeclass
Security
SECURITY.md
-
File Upload Filter Bypass via ZIP Archive ExtractionGHSA-3g4j-56gp-v6wv published
Feb 3, 2026 by jexiModerate -
Stored Cross-Site Scripting (XSS) in Multiple High-Privilege User FieldsGHSA-2x83-4fh2-fcw7 published
Feb 3, 2026 by jexiModerate -
Stored Cross-Site Scripting (XSS) in User Profile FieldsGHSA-3p2x-qgxw-qvxh published
Feb 3, 2026 by jexiHigh -
CSRF in Teacher-Restricted Endpoints Allows Unauthorized ActionsGHSA-cgmh-73qg-28fm published
Feb 3, 2026 by jexiModerate -
Stored Cross-Site Scripting (XSS) via Student Assignment UploadGHSA-2qgm-m7fm-m888 published
Feb 3, 2026 by jexiHigh -
Broken Access Control Allows Students to Add Content to Course UnitsGHSA-22cq-9fr7-fq6v published
Feb 3, 2026 by jexiModerate -
Broken Access Control in Course Units Module Allows Students to Create UnitsGHSA-4jf5-636r-hv9v published
Feb 3, 2026 by jexiModerate -
Username Enumeration via Login Response DiscrepanciesGHSA-c3wq-m629-5h2j published
Feb 3, 2026 by jexiModerate -
Active Sessions Not Invalidated After Password Change Allow Persistent Account AccessGHSA-5h73-53mh-m224 published
Feb 3, 2026 by jexiModerate -
Insecure Password Reset Token Reuse Enables Account TakeoverGHSA-gcqq-fxw6-f866 published
Feb 3, 2026 by jexiHigh
Learn more about advisories related to gunet/openeclass in the GitHub Advisory Database