CVE Catalog

CVE-2025-15657

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Summary

In School Management versions <= 93.1.0, there is a vulnerability of unauthenticated insecure direct object references (IDOR). This allows attackers to access data they should not have access to.

Risk Assessment

Organizations may be exposed to data leaks and unauthorized access to sensitive information, which can lead to serious legal and reputational consequences.

Recommendation

It is recommended to update to the latest version of the software to eliminate this vulnerability and implement appropriate authorization mechanisms.

Original NVD description (English source)

Unauthenticated Insecure Direct Object References (IDOR) in School Management <= 93.1.0 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS