Unifiedtransform Privilege Escalation Vulnerability Allowing Unauthorized Changes to Section Details

Vulnerability

A vulnerability in Unifiedtransform version 2.0 allows teachers to escalate privileges by changing section names and room numbers, actions that should be reserved for administrators. This issue arises from incorrect access control, enabling unauthorized modifications that could disrupt academic management and operations.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in section management, causing potential confusion and mismanagement in academic settings.

Reproduction

To reproduce this vulnerability, log in to the application as a teacher. Navigate to the section editing endpoint and modify the section name and room number fields. After making the changes, save the modifications.
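
The missing control, as an added example that is not Unifiedtransform's own code: a framework-neutral Python model of a section update handler that checks only for a logged-in user, next to one that enforces the administrator role server-side and allowlists the editable fields. The field names, role names, and function names are assumptions made for illustration; the advisory does not show the project's code.

```python
from dataclasses import dataclass

# Hypothetical field names for the two values the advisory says teachers can change.
SECTION_FIELDS = {"section_name", "room_no"}
SECTION_EDITOR_ROLES = {"admin"}  # per the advisory, only administrators may edit

class Forbidden(Exception):
    """Raised when the caller is not allowed to perform the action."""

@dataclass
class User:
    id: int
    role: str  # e.g. "admin" or "teacher" (assumed role names)

@dataclass
class Section:
    id: int
    section_name: str
    room_no: str

def update_section_vulnerable(user, section, changes):
    """Authentication only: any logged-in role reaches the write."""
    if user is None:
        raise Forbidden("login required")
    for field, value in changes.items():
        setattr(section, field, value)
    return section

def update_section_hardened(user, section, changes):
    """Deny by default: check the role server-side, then allowlist fields."""
    if user is None or user.role not in SECTION_EDITOR_ROLES:
        raise Forbidden("section details are administrator-only")
    unexpected = set(changes) - SECTION_FIELDS
    if unexpected:
        raise ValueError(f"unexpected fields: {sorted(unexpected)}")
    for field, value in changes.items():
        setattr(section, field, value)
    return section

def teacher_can_edit(handler):
    """Regression check: True if a teacher's edit is applied by `handler`."""
    section = Section(id=1, section_name="A", room_no="101")  # constructed sample
    try:
        handler(User(id=7, role="teacher"), section,
                {"section_name": "Z", "room_no": "999"})
    except Forbidden:
        pass
    return (section.section_name, section.room_no) != ("A", "101")
```

A check like teacher_can_edit belongs in the test suite for every state-changing route, so a role check that is later dropped fails the build rather than reaching production.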

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 6.6
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.