Every CVE whose affected-product data names Erudika Scoold, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-1543 — CVSS 8.8 (high): Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service…
CVE-2026-34832 — CVSS 6.5 (medium): Scoold is a Q&A and a knowledge sharing platform for teams. Prior to version 1.66.1, Scoold contains an authenticated authorization flaw in…
CVE-2026-39354 — CVSS 6.5 (medium): Scoold is a Q&A and a knowledge sharing platform for teams. Prior to 1.66.2, an authenticated authorization flaw in Scoold allows any…
CVE-2021-46372 — CVSS 5.4 (medium): Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to a XSS attack when…
CVE-2024-50334 — CVSS 5.3 (medium): Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config…