Rivek619/CVE-2025-65681

Releases0

An issue was discoverd in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks. Discovered by - Rivek Raj Tamang (RivuDon), Sikkim, India.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-65681 ↗	Nov 26, 2025Wednesday, 26 November 2025, 19:15	3.3 LOW	—
An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks.