CVE-2026-24667
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, failure to invalidate active user sessions after a password change allows existing session tokens to remain valid, potentially enabling unauthorized continued access to user accounts. This issue has been patched in version 4.2.
Vendor
Product
CWE
Yayın Tarihi
2026-02-03 18:16:19
Güncelleme
2026-02-10 18:35:19
Source Identifier
security-advisories@github.com
KEV Date Added
-