CVE-2026-33402
- EPSS 0.03%
- Veröffentlicht 26.03.2026 16:45:59
- Zuletzt bearbeitet 31.03.2026 13:11:41
Sakai is a Collaboration and Learning Environment (CLE). In versions 23.0 through 23.4 and 25.0 through 25.1, group titles and description can contain cross-site scripting scripts. The patch is included in releases 25.2 and 23.5. As a workaround, one...
CVE-2025-62710
- EPSS 0.02%
- Veröffentlicht 22.10.2025 22:19:21
- Zuletzt bearbeitet 30.10.2025 16:55:28
Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password (serverSecretKey) using RandomStringUtils with the default java.util.Random. java.util.Random...
CVE-2024-47876
- EPSS 0.41%
- Veröffentlicht 15.10.2024 16:15:05
- Zuletzt bearbeitet 30.10.2025 18:14:44
Sakai is a Collaboration and Learning Environment. Starting in version 23.0 and prior to version 23.2, kernel users created with type roleview can log in as a normal user. This can result in illegal access being granted to the system. Version 23.3 fi...
CVE-2019-16148
- EPSS 0.24%
- Veröffentlicht 09.09.2019 13:15:11
- Zuletzt bearbeitet 21.11.2024 04:30:09
Sakai through 12.6 allows XSS via a chat user name.