Openedx Openedx-platform
4 CVEs affecting Openedx Openedx-platform. Latest disclosed: 2026-05-11. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-42858 | High | 8.5 | 2026-05-11 | Open edX Platform enables the authoring and delivery of online learning at any scale. The sync_provider_data endpoint in SAMLProviderDataViewSet allows authent… |
CVE-2026-34736 | Medium | 5.3 | 2026-04-02 | Open edX Platform enables the authoring and delivery of online learning at any scale. From the maple release to before the ulmo release, an unauthenticated att… |
CVE-2026-35404 | Medium | 4.7 | 2026-04-06 | Open edX Platform enables the authoring and delivery of online learning at any scale. The view_survey endpoint accepts a redirect_url GET parameter that is pas… |
CVE-2026-42857 | Medium | 4.6 | 2026-05-11 | Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer clean_thread_html_body() used for discussion notificat… |