📦 Classroomio

CVE-2025-65669 is an authorization bypass vulnerability in classroomio 0.1.13 that allows student accounts to delete courses from the Explore page without proper permission checks. This bypasses the i...

This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in classroomio version 0.1.13 that allows unauthorized users to access and modify course settings through share and invite f...

This IDOR vulnerability in classroomio 0.1.13 allows students to temporarily access admin/teacher endpoints by manipulating course IDs in URLs, leading to unauthorized disclosure of sensitive course, ...

A stored cross-site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to inject malicious JavaScript via crafted SVG profile pictures. This enables attackers to ex...

A stored cross-site scripting (XSS) vulnerability in Classroomio LMS version 0.1.13 allows authenticated attackers to inject malicious JavaScript via crafted SVG cover images. This enables attackers t...