CVE-2026-25809

Medium CVSS: 5.3

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not validate the assessment lifecycle state before allowing execution. There is no check to ensure that the assessment has started, is not expired, or the submission window is currently open.

Vendor

Prasklatechnology

Product

Placipy

CWE

CWE-285

Yayın Tarihi

2026-02-09 21:15:49

Güncelleme

2026-02-11 19:41:44

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-285 Placipy MEDIUM Prasklatechnology 2026

Referanslar

https://github.com/Praskla-Technology/assessment-placipy/security/advisories/GHSA-cc32-rp29-w9x7

Benzer Kayıtlar

Critical

CVE-2026-25814

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query…

Critical

CVE-2026-25875

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The admin authorizatio…

Medium

CVE-2026-25811

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application derive…

Critical

CVE-2026-25812

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application enable…

High

CVE-2026-25813

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs h…

Medium

CVE-2026-25810

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes…