CVE-2025-70033

Medium CVSS: 5.4

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

Vendor

Product

CWE

Yayın Tarihi

2026-03-09 18:16:14

Güncelleme

2026-04-01 15:40:48

Source Identifier

cve@mitre.org

KEV Date Added

CWE-79 Sunbirded-portal MEDIUM Sunbird 2026

https://gist.github.com/zcxlighthouse/5036e0ea5a40146fb5051d7a94252857 https://github.com/Sunbird-Ed https://github.com/Sunbird-Ed/SunbirdEd-portal

High

CVE-2025-70027

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This…

High

CVE-2025-70028

An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discov…

High

CVE-2025-70030

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in Sunbird-Ed SunbirdEd…

High

CVE-2025-70031

An issue pertaining to CWE-352: Cross-Site Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

Medium

CVE-2025-70032

An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

High

CVE-2025-70029

An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disabl…