CVE-2025-70029

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options

Sunbird-Ed/SunbirdEd-portal
Sunbird-Ed/SunbirdEd-portal
Web Portal for sunbird software. Provides the web interfaces for all functionality of Sunbird. Find the installation instructions at: https://ed.sunbird.org/use-1/install-locally/sunbirded-portal
GitHubGitHub
40