Threat Intel

v0.1

← CVEs

CVE-2026-24671

MED 6.1
Published
2026-02-03
Last Modified
2026-02-10
Affected Apps
7
Affected Devices
8
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, a Stored Cross-Site Scripting (XSS) vulnerability allows authenticated high-privileged users (teachers or administrators) to inject malicious JavaScript into multiple user-controllable input fields across the application, which is executed when other users access affected pages. This issue has been patched in version 4.2.
Affected Applications in Environment 7
Platform v17,38,0,0
1 device
Platform v17,17,0,0
1 device
Platform v17,15,0,0
2 devices
Platform v3.1.119.0
1 device
Platform v3.1.116.0
1 device
Platform v3.1.120.0
1 device
Platform v17,24,0,0
1 device
Affected Devices 8
ARSUTLGU4000052 Windows DESKTOP-6US3N85 Windows DESKTOP-7IU23EB Windows DPEXAN-5CD017CV Windows DPHSNG-34Y86X3 Windows DPMATH-C11312G9 Windows FL217-2-ADOTTER Windows MICHELLEUSUHP Windows
References 1