Zero-day Vulnerability Discovered by Oivan Cybersecurity
During our penetration testing projects with one of our clients, our Cybersecurity team members Eyad Almuqhim and Petri Hannonen discovered a zero-day Cross-site Scripting (XSS) vulnerability in one of our client’s web applications that is powered by the latest version of Open edX platform.
The vulnerability is now tracked as CVE-2022-32195. Open edX is an open-source educational platform that is used by hundreds of organizations around the world in governments, private sectors, and educational institutes.
Our Cybersecurity team reached out to Open edX Security to report the security vulnerability, and they were able to resolve it and issue a patch fixing the vulnerability in a short time. The details about the affected platform and the security patch are available in here.
OIVAN can help you design, develop, and operate secure services that will keep your valuable information protected from cybercriminals. Our experts can help you assess your applications, your systems, and your networks for any security vulnerabilities that may put your organization and business at risk.
Want to hear more about our Cybersecurity services? Let’s talk!
Feel free to contact Dr. Bilal Al Sabbagh, Head of Cybersecurity at bilal.alsabbagh@oivan.com for more information.