Vulnerability Details CVE-2026-24667
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, failure to invalidate active user sessions after a password change allows existing session tokens to remain valid, potentially enabling unauthorized continued access to user accounts. This issue has been patched in version 4.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.1%
CVSS Severity
CVSS v3 Score 5.0
Products affected by CVE-2026-24667
-
cpe:2.3:a:gunet:open_eclass_platform:2.10.1
-
cpe:2.3:a:gunet:open_eclass_platform:2.11.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.0
-
cpe:2.3:a:gunet:open_eclass_platform:3.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.10
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.11
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.12
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.13
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.5
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.6
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.7
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.8
-
cpe:2.3:a:gunet:open_eclass_platform:3.1.9
-
cpe:2.3:a:gunet:open_eclass_platform:3.10
-
cpe:2.3:a:gunet:open_eclass_platform:3.10.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.10.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.11
-
cpe:2.3:a:gunet:open_eclass_platform:3.11.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.11.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.12
-
cpe:2.3:a:gunet:open_eclass_platform:3.12.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.12.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.12.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.12.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.12.5
-
cpe:2.3:a:gunet:open_eclass_platform:3.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.2.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.2.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.2.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.3.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.3.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.3.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.3.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.4.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.4.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.4.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.4.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.5.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.5.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.5.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.5.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.5.5
-
cpe:2.3:a:gunet:open_eclass_platform:3.5.6
-
cpe:2.3:a:gunet:open_eclass_platform:3.6.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.6.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.6.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.6.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.6.5
-
cpe:2.3:a:gunet:open_eclass_platform:3.6.6
-
cpe:2.3:a:gunet:open_eclass_platform:3.6.7
-
cpe:2.3:a:gunet:open_eclass_platform:3.7
-
cpe:2.3:a:gunet:open_eclass_platform:3.7.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.7.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.7.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.7.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.7.5
-
cpe:2.3:a:gunet:open_eclass_platform:3.7.6
-
cpe:2.3:a:gunet:open_eclass_platform:3.8
-
cpe:2.3:a:gunet:open_eclass_platform:3.8.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.8.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.8.3
-
cpe:2.3:a:gunet:open_eclass_platform:3.8.4
-
cpe:2.3:a:gunet:open_eclass_platform:3.9
-
cpe:2.3:a:gunet:open_eclass_platform:3.9.1
-
cpe:2.3:a:gunet:open_eclass_platform:3.9.2
-
cpe:2.3:a:gunet:open_eclass_platform:3.9.3