OS4ED openSIS
cpe:2.3:a:os4ed:opensis:*:*:*:*:*:*:*
- >= 7.0, <= 9.1
A vulnerability allowing unauthorized access to staff-uploaded files has been identified in OS4ED openSIS versions 7.0 through 9.1. This insecure direct object reference (IDOR) issue is located in the '/assets/stafffiles' component, where files are stored using a naming convention that includes the staff member's ID. An unauthenticated attacker can enumerate the directory and retrieve any of the saved files.
Exploitation of this vulnerability could lead to unauthorized access to sensitive files uploaded by staff members.
To reproduce this vulnerability, access the '/assets/stafffiles' directory on an openSIS installation within the vulnerable version range. Files can be retrieved by exploiting the IDOR, as they are stored with a naming convention that includes the staff ID and filename. An unauthenticated attacker can enumerate the directory to access these files.
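As an added defensive example (not part of this advisory), the following Python script scans web-server access logs for the two signs of this issue being exercised against an openSIS instance: a directory index served for '/assets/stafffiles/' and a single client retrieving many distinct files under that path. It assumes the standard Apache/nginx "combined" log format; the sample log lines and the file names in them are constructed, since the advisory does not give the exact naming convention.

```python
import re
from collections import defaultdict

# Assumed "combined" access-log format (Apache/nginx default).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)
STAFF_DIR = "/assets/stafffiles"  # directory named in the advisory

# Constructed sample lines; file names are illustrative, not openSIS's real convention.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /assets/stafffiles/ HTTP/1.1" 200 4123 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "GET /assets/stafffiles/12_report.pdf HTTP/1.1" 200 51200 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Oct/2023:13:55:41 +0000] "GET /assets/stafffiles/13_notes.docx HTTP/1.1" 200 20480 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Oct/2023:13:55:42 +0000] "GET /assets/stafffiles/14_cv.pdf HTTP/1.1" 200 30000 "-" "Mozilla/5.0"',
    '198.51.100.5 - - [10/Oct/2023:14:01:02 +0000] "GET /assets/stafffiles/12_report.pdf HTTP/1.1" 200 51200 "-" "Mozilla/5.0"',
    '198.51.100.5 - - [10/Oct/2023:14:02:00 +0000] "GET /index.php HTTP/1.1" 200 800 "-" "Mozilla/5.0"',
]


def parse(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def analyze(lines, enum_threshold=3):
    """Return findings as (kind, client_ip, detail) tuples.

    kind is "directory_listing" when the bare staff-files directory answered 200
    (an index page was served), or "bulk_retrieval" when one client fetched at
    least enum_threshold distinct files from it.
    """
    findings = []
    files_by_client = defaultdict(set)
    for line in lines:
        rec = parse(line)
        if rec is None or rec["status"] != "200":
            continue
        path = rec["path"].split("?", 1)[0]
        if path.rstrip("/") == STAFF_DIR:
            findings.append(("directory_listing", rec["ip"], path))
        elif path.startswith(STAFF_DIR + "/"):
            files_by_client[rec["ip"]].add(path)
    for ip, files in sorted(files_by_client.items()):
        if len(files) >= enum_threshold:
            findings.append(("bulk_retrieval", ip, sorted(files)))
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
```

Beyond detection, the same path is what to deny direct web access to: serve staff uploads only through an authenticated openSIS handler and disable directory indexing for '/assets/stafffiles'.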