exploitDog

GHSA-48hh-v7xg-xpgq

Опубликовано: 10 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.6

Описание

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?exam_rule_id=1.

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?exam_rule_id=1.

Ссылки

EPSS

Процентиль: 64%

0.0046

Низкий

7.6 High

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-25616

CVSS3: 4.3

nvd

11 месяцев назад

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?exam_rule_id=1.

EPSS

Процентиль: 64%

0.0046

Низкий

7.6 High

CVSS3

CVE ID

Дефекты

CWE-284