Vulnerabilities > EDX > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-18	CVE-2020-13145	Cross-site Scripting vulnerability in EDX Open EDX Platform 2.5 Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "Content>File Uploads" screen. network edx CWE-79	3.5
2019-07-29	CVE-2015-6253	Cross-site Scripting vulnerability in EDX Edx-Platform edx-platform before 2015-08-17 allows XSS in the Studio listing of courses. network edx CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.