Browse all 3 CVE security advisories affecting BroadLearning. AI-powered Chinese analysis, POCs, and references for each vulnerability.
BroadLearning provides educational technology solutions focusing on e-learning platforms and virtual classroom systems. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. The company has recorded three CVEs, with notable issues including RCE flaws in their video conferencing modules and XSS vulnerabilities in student portal components. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in web-facing components suggests ongoing challenges in secure coding practices and input sanitization across their platform ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-9884 | eClass platform contains a Broken Access Control vulnerability — eclassCWE-284 | 9.8 | - | 2019-07-25 |
| CVE-2019-9885 | eClass platform contains a SQL injection vulnerability — eclassCWE-89 | 9.8 | - | 2019-07-25 |
| CVE-2019-9886 | eClass platform allows user to download arbitrary files without authentication — eclassCWE-22 | 7.5 | - | 2019-07-11 |
This page lists every published CVE security advisory associated with BroadLearning. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.