exploitDog

CVE-2025-25621

Опубликовано: 17 мар. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take attendance of fellow teachers. This affected endpoint is /courses/teacher/index?teacher_id=2&semester_id=1.

Ссылки

https://github.com/armaansidana2003/CVE-2025-25621
Exploit
Third Party Advisory
https://github.com/changeweb/Unifiedtransform
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:changeweb:unifiedtransform:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.0006

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-mwxh-v66f-wcq5

CVSS3: 4.3

github

11 месяцев назад

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take attendance of fellow teachers. This affected endpoint is /courses/teacher/index?teacher_id=2&semester_id=1.

EPSS

Процентиль: 19%

0.0006

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-284