exploitDog

CVE-2020-37115

Опубликовано: 03 фев. 2026

Источник: nvd

CVSS3: 6.5

CVSS3: 4.9

EPSS Низкий

Описание

GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access.

Ссылки

https://download.openeclass.org/files/docs/1.7/CHANGES.txt
Release Notes
https://www.exploit-db.com/exploits/48163
Exploit
Third Party Advisory
VDB Entry
https://www.openeclass.org/
Product
https://www.vulncheck.com/advisories/gunet-openeclass-e-learning-platform-plaintext-password-storage
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gunet:open_eclass_platform:1.7.3:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00263

Низкий

6.5 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-256

Связанные уязвимости

GHSA-9hrm-54hp-fcpj

CVSS3: 6.5

github

5 месяцев назад

GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access.

EPSS

Процентиль: 18%

0.00263

Низкий

6.5 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-256