Polarlearn
Monthly
Unauthenticated message injection in PolarLearn 0-PRERELEASE-16 and earlier allows remote attackers to send persistent messages to arbitrary group chats via the WebSocket API without credentials. Public exploit code exists for this vulnerability, which affects all users of vulnerable versions by enabling spam and potential information manipulation within group communications.
Email enumeration in PolarLearn through timing analysis of the login endpoint allows unauthenticated attackers to identify valid user accounts by observing response time differences between existing and non-existent users. The vulnerability stems from the server only performing expensive password hashing for registered accounts, creating a measurable timing side-channel. Public exploit code exists for this vulnerability affecting PolarLearn version 0-PRERELEASE-15 and earlier.
PolarLearn versions 0-PRERELEASE-15 and earlier lack proper state parameter validation in OAuth 2.0 authentication, enabling attackers to conduct login CSRF attacks against GitHub and Google login flows. An attacker can pre-authenticate a victim's session and trick them into logging into the attacker's account, causing the victim's data and academic progress to be stored on the attacker's account instead. Public exploit code exists for this vulnerability, and a patch is available.
PolarLearn versions prior to 0-PRERELEASE-15 fail to validate the `direction` parameter in the forum vote API endpoint, allowing authenticated attackers to submit arbitrary values that bypass business logic and corrupt vote data. Public exploit code exists for this vulnerability. The issue affects authenticated users who can manipulate voting behavior through improper input validation.
Unauthenticated message injection in PolarLearn 0-PRERELEASE-16 and earlier allows remote attackers to send persistent messages to arbitrary group chats via the WebSocket API without credentials. Public exploit code exists for this vulnerability, which affects all users of vulnerable versions by enabling spam and potential information manipulation within group communications.
Email enumeration in PolarLearn through timing analysis of the login endpoint allows unauthenticated attackers to identify valid user accounts by observing response time differences between existing and non-existent users. The vulnerability stems from the server only performing expensive password hashing for registered accounts, creating a measurable timing side-channel. Public exploit code exists for this vulnerability affecting PolarLearn version 0-PRERELEASE-15 and earlier.
PolarLearn versions 0-PRERELEASE-15 and earlier lack proper state parameter validation in OAuth 2.0 authentication, enabling attackers to conduct login CSRF attacks against GitHub and Google login flows. An attacker can pre-authenticate a victim's session and trick them into logging into the attacker's account, causing the victim's data and academic progress to be stored on the attacker's account instead. Public exploit code exists for this vulnerability, and a patch is available.
PolarLearn versions prior to 0-PRERELEASE-15 fail to validate the `direction` parameter in the forum vote API endpoint, allowing authenticated attackers to submit arbitrary values that bypass business logic and corrupt vote data. Public exploit code exists for this vulnerability. The issue affects authenticated users who can manipulate voting behavior through improper input validation.