CVE-2025-65594

Published
View on NVD ↗
CVSS v3
8.1
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users.

tsuretettee/cve-2025-65594
tsuretettee/cve-2025-65594
My writeup on the incorrect access control vulnerability in OpenSIS.
GitLabGitLab