Soumettre #625917: Portabilis i-Educar 2.10.0 Authorization Bypassinformation

TitrePortabilis i-Educar 2.10.0 Authorization Bypass
DescriptionBroken Function Level Authorization (BFLA) allows unauthorized users to alter student grades Summary An API endpoint in i-Educar 2.9.0 is vulnerable to Broken Function Level Authorization (BFLA). An unauthorized user is able to modify student grades by directly accessing the /module/Api/Diario endpoint, bypassing permission controls. This leads to severe integrity issues, where anyone with access to the API format can tamper with academic records. Details The endpoint /module/Api/Diario does not enforce proper authorization checks to validate whether the calling user has the right to alter student grades. Even a user without any profile or assigned permissions can successfully submit a request and change the grades of students in the system. There is no validation of session roles or associated permissions before executing sensitive academic actions. PoC 1 - Create a new user with no privileges. 2 - Prepare a request to the /module/Api/Diario endpoint with the data to submit a student grade, using the low privillege user cookie then send the request. Print:https://github.com/CVE-Hunters/CVE/blob/main/images/bfla002.png?raw=true Observe the results: { "oper": "post", "resource": "grades", "msgs": [{ "msg": "Grades successfully posted!", "type": "success" }], "any_error_msg": false } Impact This is a Broken Function Level Authorization (BFLA) vulnerability, as categorized by OWASP API Security Top 10 (2023) - API4. The consequences include: Tampering with academic data without authorization. Loss of data integrity in school records. Potential legal and reputational damage for educational institutions.
La source⚠️ https://github.com/CVE-Hunters/CVE/blob/main/i-educar/Broken%20Function%20Level%20Authorization%20(BFLA)%20allows%20unauthorized%20users%20to%20alter%20student%20grades.md
Utilisateur
 nmmorette (UID 87361)
Soumission31/07/2025 01:02 (il y a 9 mois)
Modérer09/08/2025 07:11 (9 days later)
StatutAccepté
Entrée VulDB319317 [Portabilis i-Educar jusqu’à 2.9.0 API Endpoint /module/Api/Diario élévation de privilèges]
Points20

PrécédentAperçuSuivant

Want to stay up to date on a daily basis?

Enable the mail alert feature now!