Vulnerability Details CVE-2025-65734
An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.1%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2025-65734
-
cpe:2.3:a:openeclass:openeclass:3.11
-
cpe:2.3:a:openeclass:openeclass:3.11.1
-
cpe:2.3:a:openeclass:openeclass:3.11.2
-
cpe:2.3:a:openeclass:openeclass:3.12
-
cpe:2.3:a:openeclass:openeclass:3.12.1
-
cpe:2.3:a:openeclass:openeclass:3.12.2
-
cpe:2.3:a:openeclass:openeclass:3.12.3
-
cpe:2.3:a:openeclass:openeclass:3.12.4
-
cpe:2.3:a:openeclass:openeclass:3.12.5
-
cpe:2.3:a:openeclass:openeclass:3.12.6