CVE-2025-25953

Medium CVSS: 6.5

Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information.

Vendor

Serosoft

Product

Academia Student Information System

CWE

CWE-862

Yayın Tarihi

2025-03-03 01:15:11

Güncelleme

2025-12-12 16:15:44

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-862 Academia Student Information System MEDIUM Serosoft 2025

Referanslar

https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89640 https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25953 https://github.com/el-viper/cve-research/tree/main/CVEs/CVE-2025-25953

Benzer Kayıtlar

Critical

CVE-2025-27583

Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academ…

Medium

CVE-2025-27584

A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS…

Medium

CVE-2025-27585

A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS…

High

CVE-2025-25950

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Info…

High

CVE-2025-25951

An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Acade…

Medium

CVE-2025-25952

An Insecure Direct Object References (IDOR) in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solution…