PT-2019-7561 · Edx · Edx-Platform

Robert Raposa

Published

2019-07-29

Updated

2020-01-07

CVE-2016-10765

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions edx-platform versions prior to 2016-06-10

Description The issue allows account activation with a spoofed e-mail address.

Recommendations For versions prior to 2016-06-10, update to a version released after 2016-06-10 to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2016-10765

Edx-Platform