Vulnerabilities

CVE-2020-13145

by Fred · 18/05/2020

Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "Content>File Uploads" screen. These files can contain JavaScript code and thus lead to Stored XSS.

Date published : 2020-05-18

https://stark0de.com/2020/05/17/openedx-vulnerabilities.html

Similar

Tags: Cybersecurity Alert