edx-platform before 2015-09-17 allows XSS via a team name.
View Full Alert
Related Posts
CVE-2015-6253edx-platform before 2015-08-17 allows XSS in the Studio listing of courses. View Full Alert
CVE-2015-3907CodeIgniter Rest Server (aka codeigniter-restserver) 2.7.1 allows XXE attacks. View Full Alert
CVE-2015-5601edx-platform before 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files. View Full Alert