CVE-2025-65681

Low CVSS: 3.3

An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks.

Vendor

Edly

Product

Tutor

CWE

CWE-384

Yayın Tarihi

2025-11-26 19:15:49

Güncelleme

2025-12-30 15:38:14

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-384 Tutor LOW Edly 2025

Referanslar

https://docs.tutor.edly.io https://github.com/Rivek619/CVE-2025-65681 https://github.com/overhangio/tutor