PT-2026-34605 · Openlearn · Openlearn

Jvr2022

Published

2026-04-23

Updated

2026-04-23

CVE-2026-41243

CVSS v4.0

6.9

Medium

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions OpenLearn versions prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab

Description When safeMode is enabled, unapproved forum posts are hidden from the public list. However, the direct post-read procedure still returns the full post to any user who possesses the post UUID.

Recommendations Update to commit 844b2a40a69d0c4911580fe501923f0b391313ab.

Exploit

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2026-41243

Affected Products

Openlearn

PT-2026-34605 · Openlearn · Openlearn

CVE-2026-41243

Weakness Enumeration

Related Identifiers

Affected Products

References · 4