CVE-2026-24666
📋 TL;DR
This CSRF vulnerability in Open eClass allows attackers to trick authenticated teachers into performing unauthorized actions, such as modifying assignment grades, by luring them to a page that submits crafted requests in their name. It affects all Open eClass installations prior to version 4.2 where teachers access the platform.
💻 Affected Systems
- Open eClass (formerly GUnet eClass)
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could systematically alter grades for entire classes, delete course materials, or modify critical course settings, potentially compromising academic integrity and causing operational disruption.
Likely Case
Targeted grade manipulation for specific students or unauthorized modifications to assignment settings, leading to academic record inaccuracies and administrative overhead.
If Mitigated
Limited impact with proper CSRF protections and user awareness, potentially catching suspicious activity through monitoring.
🎯 Exploit Status
Exploitation requires social engineering to trick authenticated teachers into clicking malicious links while logged in.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 4.2
Vendor Advisory: https://github.com/gunet/openeclass/security/advisories/GHSA-cgmh-73qg-28fm
Restart Required: Yes
Instructions:
1. Backup your Open eClass installation and database.
2. Download version 4.2 from the official repository.
3. Replace existing files with the patched version.
4. Run any database update scripts if provided.
5. Restart the web server.
🔧 Temporary Workarounds
Implement CSRF Tokens
Manually add CSRF protection to teacher-restricted endpoints if immediate patching isn't possible: issue a random per-session token, embed it in every state-changing form, and reject requests whose token does not match the server-side copy.
Session Timeout Reduction
Reduce session timeout durations to limit the window in which a logged-in teacher's browser can be abused for CSRF.
Modify the session configuration in the application settings to reduce timeout values.
🧯 If You Can't Patch
- Implement strict SameSite cookie policies for session cookies
- Educate teachers about the risks of clicking unknown links while authenticated
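The two controls above (a per-session CSRF token checked on every state-changing teacher request, plus a SameSite session cookie) as an added, self-contained example. This is illustrative code, not Open eClass code: the session store, the `eclass.example.edu` origin and the `PHPSESSID` cookie name (PHP's default) are assumptions, and the Origin/Referer check is an extra layer beyond what the workaround list names.

```python
import hmac
import secrets
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Constructed stand-in for the server-side session store (assumption).
SESSIONS = {}

# Hypothetical origin of the Open eClass instance; only scheme+host matter.
APP_ORIGIN = "https://eclass.example.edu"


def issue_csrf_token(session_id):
    """Create, once per session, a random token that is rendered into every
    state-changing form as a hidden field and kept server-side."""
    session = SESSIONS.setdefault(session_id, {})
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def build_session_cookie(session_id):
    """Session cookie with the attributes that blunt CSRF: SameSite=Strict
    stops the browser from attaching it to cross-site POSTs at all."""
    cookie = SimpleCookie()
    cookie["PHPSESSID"] = session_id          # PHP default name (assumption)
    cookie["PHPSESSID"]["secure"] = True
    cookie["PHPSESSID"]["httponly"] = True
    cookie["PHPSESSID"]["samesite"] = "Strict"
    cookie["PHPSESSID"]["path"] = "/"
    return cookie["PHPSESSID"].OutputString()


def origin_matches(headers):
    """Defence in depth: the Origin (or, failing that, Referer) header of a
    teacher action must belong to our own site. No header means we cannot
    tell, so the request is treated as cross-site."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False
    got = urlsplit(source)
    want = urlsplit(APP_ORIGIN)
    return (got.scheme, got.netloc) == (want.scheme, want.netloc)


def is_request_authorized(session_id, headers, form):
    """Gate for a state-changing teacher endpoint such as a grade update:
    the submitted token must equal the session's token AND the request must
    originate from our own site."""
    session = SESSIONS.get(session_id)
    if session is None:
        return False
    submitted = form.get("csrf_token", "")
    expected = session.get("csrf_token", "")
    # Constant-time comparison so the token cannot be guessed byte by byte;
    # encode so non-ASCII input cannot raise inside compare_digest.
    token_ok = bool(expected) and hmac.compare_digest(
        submitted.encode("utf-8"), expected.encode("utf-8")
    )
    return token_ok and origin_matches(headers)


if __name__ == "__main__":
    sid = "demo-session"
    token = issue_csrf_token(sid)
    print("Set-Cookie:", build_session_cookie(sid))
    same_site = {"Origin": APP_ORIGIN}
    cross_site = {"Origin": "https://attacker.example.net"}
    print("legitimate form post:", is_request_authorized(sid, same_site, {"csrf_token": token}))
    print("cross-site post without token:", is_request_authorized(sid, cross_site, {}))
```

The token check alone already defeats the CSRF described in this CVE; the SameSite attribute and the origin check cover the case where a single endpoint was missed when retrofitting tokens.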
🔍 How to Verify
Check if Vulnerable:
Check if your Open eClass version is below 4.2 by examining the version file or admin panel.
Check Version:
Check the version.txt file in the installation directory or view the admin panel version information.
Verify Fix Applied:
Confirm installation of version 4.2 and test teacher endpoints for CSRF token implementation.
📡 Detection & Monitoring
Log Indicators:
- Multiple grade modification requests from same teacher in short timeframe
- Requests to teacher endpoints without proper referrer headers
Network Indicators:
- HTTP POST requests to teacher endpoints without CSRF tokens
- Suspicious referrer domains in teacher endpoint requests
SIEM Query:
source="web_server" AND (uri="/teacher/*" OR uri="/courses/*/teacher/*") AND method="POST" AND NOT csrf_token=*
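The log and network indicators above, turned into a small detector run over constructed log lines, as an added example (not part of this advisory and not an Open eClass component). It assumes an Apache-style access log extended with a trailing `csrf_token=` field (`-` when the form field was absent), the teacher URL patterns from the SIEM query, and that a path containing `/grades` is a grade-modification request.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Assumed host of the Open eClass instance.
APP_HOST = "eclass.example.edu"

# Constructed sample log: combined-format lines with the CSRF form field logged
# at the end (assumed logging setup). The first line is a legitimate grade
# update; lines 2-4 show the CVE-2026-24666 pattern (cross-site referer, no token).
SAMPLE_LOG = """\
10.0.0.5 - teacher1 [12/Mar/2026:10:00:01 +0000] "POST /courses/CS101/teacher/grades HTTP/1.1" 200 512 "https://eclass.example.edu/courses/CS101/teacher/grades" csrf_token=k3r9x
10.0.0.5 - teacher1 [12/Mar/2026:10:00:09 +0000] "POST /courses/CS101/teacher/grades HTTP/1.1" 200 512 "https://evil.example.net/page.html" csrf_token=-
10.0.0.5 - teacher1 [12/Mar/2026:10:00:15 +0000] "POST /courses/CS101/teacher/grades HTTP/1.1" 200 512 "https://evil.example.net/page.html" csrf_token=-
10.0.0.5 - teacher1 [12/Mar/2026:10:00:20 +0000] "POST /courses/CS101/teacher/grades HTTP/1.1" 200 512 "https://evil.example.net/page.html" csrf_token=-
10.0.0.7 - teacher2 [12/Mar/2026:10:05:00 +0000] "GET /courses/CS101/teacher/grades HTTP/1.1" 200 2048 "-" csrf_token=-
10.0.0.7 - teacher2 [12/Mar/2026:10:06:00 +0000] "POST /courses/CS101/teacher/settings HTTP/1.1" 200 300 "https://eclass.example.edu/courses/CS101/teacher/settings" csrf_token=p0q1z
10.0.0.9 - student1 [12/Mar/2026:10:07:00 +0000] "POST /courses/CS101/work HTTP/1.1" 200 300 "https://eclass.example.edu/courses/CS101/work" csrf_token=mm2a7
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) - (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \d+ '
    r'"(?P<referer>[^"]*)" csrf_token=(?P<token>\S+)$'
)
# Teacher endpoint patterns taken from the SIEM query on this page.
TEACHER_PATH = re.compile(r"^/(?:teacher/|courses/[^/]+/teacher/)")
# Assumption: grade modifications live under a path containing /grades.
GRADE_PATH = re.compile(r"/grades")


def analyze(log_text, app_host=APP_HOST, burst_threshold=3, window=timedelta(seconds=60)):
    """Return (kind, user, detail) findings for POSTs to teacher endpoints:
    missing CSRF token, referer not from our host, and bursts of grade
    updates by one teacher inside `window`."""
    findings = []
    grade_times = defaultdict(list)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a real pipeline would count these
        rec = m.groupdict()
        if rec["method"] != "POST" or not TEACHER_PATH.match(rec["path"]):
            continue
        ts = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if rec["token"] == "-":
            findings.append(("missing_csrf_token", rec["user"], rec["path"]))
        ref_host = urlsplit(rec["referer"]).netloc if rec["referer"] != "-" else ""
        if ref_host != app_host:
            findings.append(("foreign_referer", rec["user"], rec["referer"]))
        if GRADE_PATH.search(rec["path"]):
            grade_times[rec["user"]].append(ts)
    # Sliding window: report each user at most once.
    for user, times in grade_times.items():
        times.sort()
        for i in range(len(times) - burst_threshold + 1):
            if times[i + burst_threshold - 1] - times[i] <= window:
                detail = f"{burst_threshold}+ grade updates within {int(window.total_seconds())}s"
                findings.append(("grade_burst", user, detail))
                break
    return findings


def summarize(findings):
    """Count findings per kind, the shape a dashboard or alert rule wants."""
    counts = defaultdict(int)
    for kind, _user, _detail in findings:
        counts[kind] += 1
    return dict(counts)


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
    print(summarize(analyze(SAMPLE_LOG)))
```

A missing Referer is flagged as foreign on purpose: browsers strip it for some cross-site navigations, and a legitimate in-app form submission to a teacher endpoint carries one, so its absence is the weaker signal the page's "without proper referrer headers" indicator refers to. GET requests are ignored because they should not change state; if a teacher endpoint does accept state changes over GET, the detector (like the SIEM query) will not see them, which is itself a finding to raise with the application owner.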