CVE-2026-42857 — Open edX Platform: Stored CSS Injection in Email Notifications via Incomplete HTML Sanitization

CVSS 4.6 (Medium) · EPSS 0.03% · P9

Affected Version Matrix (2)

Vendor  | Product          | Version Range                                | Status
openedx | openedx-platform | < cddc25cd791bb78f76833896e4778f668861df12   | affected
openedx | openedx-platform | >= sumac, < ulmo                             | affected

I. Basic Information for CVE-2026-42857

Vulnerability Information

Vulnerability Title
Open edX Platform: Stored CSS Injection in Email Notifications via Incomplete HTML Sanitization
Source: NVD (National Vulnerability Database)
Vulnerability Description
Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer clean_thread_html_body() used for discussion notification emails fails to remove <style> tags from user-generated discussion post content. This content is rendered with Django's |safe template filter in email notification templates, allowing any enrolled student to inject arbitrary CSS into email notifications sent to other users. This enables email tracking (IP address disclosure), content spoofing, and phishing attacks. This vulnerability is fixed with commit cddc25cd791bb78f76833896e4778f668861df12.
Source: NVD (National Vulnerability Database)
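The defect class the description names, as an added example that is not Open edX's clean_thread_html_body() or its fix: a denylist cleaner that strips only known-bad tags lets a <style> block and style="" attributes through to a template that renders the result with |safe, while an allowlist cleaner drops <style> and <script> together with their bodies. The tag and attribute policy, the _Cleaner class and the sample post are assumptions constructed for this illustration.

```python
import html
from html.parser import HTMLParser

# Assumed policy for discussion-post markup (not Open edX's real configuration).
ALLOWED_TAGS = {"p", "b", "i", "strong", "em", "a", "ul", "ol", "li", "br"}
ALLOWED_ATTRS = {("a", "href")}          # href scheme checks are out of scope here
DENYLIST = {"script"}                    # all the incomplete cleaner knows about
DROP_WITH_CONTENT = {"script", "style"}  # tag *and* its body must go

class _Cleaner(HTMLParser):  # re-serialises markup under the given policy
    def __init__(self, keep_tag, keep_attr, drop):
        super().__init__(convert_charrefs=True)
        self.keep_tag, self.keep_attr, self.drop = keep_tag, keep_attr, drop
        self.out, self._skip = [], 0
    def handle_starttag(self, tag, attrs):
        if tag in self.drop:
            self._skip += 1              # swallow everything up to the close tag
        elif not self._skip and self.keep_tag(tag):
            kept = "".join(f' {k}="{html.escape(v or "")}"'
                           for k, v in attrs if self.keep_attr(tag, k))
            self.out.append(f"<{tag}{kept}>")
    def handle_endtag(self, tag):
        if tag in self.drop:
            self._skip = max(0, self._skip - 1)
        elif not self._skip and self.keep_tag(tag):
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if not self._skip:               # text is re-escaped, never passed raw
            self.out.append(html.escape(data, quote=False))

def _run(markup, keep_tag, keep_attr, drop):
    cleaner = _Cleaner(keep_tag, keep_attr, drop)
    cleaner.feed(markup)
    cleaner.close()
    return "".join(cleaner.out)

def clean_denylist(markup):
    """Defect class: only known-bad tags go, so <style> blocks and style=""
    attributes survive and reach the |safe-rendered email template."""
    return _run(markup, lambda t: True, lambda t, a: True, DENYLIST)

def clean_allowlist(markup):
    """Hardened: keep only allowlisted tags/attributes, drop <style> and
    <script> with their bodies; any other tag loses its markup."""
    return _run(markup, ALLOWED_TAGS.__contains__,
                lambda t, a: (t, a) in ALLOWED_ATTRS, DROP_WITH_CONTENT)

# Constructed sample post: inline style, an entity, a <style> block with a remote url().
POST = ('<p style="color:red">Hi <b>there</b> &amp; welcome</p>'
        '<style>body{background:url(https://tracker.example/p.png)}</style><script>x()</script>')
```

Rendering the allowlist output with |safe is then acceptable because nothing outside the policy survives; the denylist output carries the CSS verbatim, which is exactly what the email template cannot tell apart from author-intended markup.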
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Open edX Platform Cross-Site Scripting Vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Open edX Platform is an open-source course management system (CMS) from Open edX. It can be used for MOOCs (massive open online courses) as well as smaller courses and training modules. Open edX Platform contains a cross-site scripting vulnerability: the HTML sanitizer clean_thread_html_body does not remove style tags from user-generated discussion content, and that content is rendered with Django's |safe template filter, which may allow any enrolled student to inject arbitrary CSS into email notifications.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor  | Product          | Affected Versions                            | CPE
openedx | openedx-platform | < cddc25cd791bb78f76833896e4778f668861df12   | -

II. Public POCs for CVE-2026-42857

No public POC found.

III. Intelligence Information for CVE-2026-42857

Patches & Fixes for CVE-2026-42857 (1)

Vendor Advisories for CVE-2026-42857 (1)

Same Patch Batch · openedx · 2026-05-11 · 3 CVEs total

CVE-2026-42858 · 8.5 HIGH · Open edX Platform: Server-Side Request Forgery (SSRF) in SAML Provider Data Sync Endpoint
CVE-2026-42860 · 8.5 HIGH · Open edX Enterprise Service: SSRF via SAML metadata URL in sync_provider_data endpoint

IV. Related Vulnerabilities

V. Comments for CVE-2026-42857

No comments yet