CVE-2025-25616

Опубликовано: 10 мар. 2025

Источник: nvd

CVSS3: 4.3

CVSS3: 7.6

EPSS Низкий

Описание

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?exam_rule_id=1.

Ссылки

https://github.com/armaansidana2003/CVE-2025-25616
Third Party Advisory
https://github.com/changeweb/Unifiedtransform
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:changeweb:unifiedtransform:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.0046

Низкий

4.3 Medium

CVSS3

7.6 High

CVSS3

Дефекты

NVD-CWE-Other

CWE-284

Связанные уязвимости

GHSA-48hh-v7xg-xpgq

CVSS3: 7.6

github

11 месяцев назад

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?exam_rule_id=1.

EPSS

Процентиль: 64%

0.0046

Низкий

4.3 Medium

CVSS3

7.6 High

CVSS3

Дефекты

NVD-CWE-Other

CWE-284