Serosoft Solutions Academia SIS EagleR Privilege Escalation Vulnerability via Azure JWT Token Exposure
Vulnerability
A vulnerability allowing the exposure of Azure JWT access tokens has been identified in Serosoft Solutions Academia Student Information System (SIS) EagleR version 1.0.118. This issue arises in the Analytics section of the administrator account, where the token is included in the server response when an analytics report is requested. The exposed token, associated with PowerBI, carries elevated privileges that could be exploited by authenticated attackers to access sensitive information and perform administrative functions within PowerBI.
Impact
Exploitation of this vulnerability allows unauthorized access to PowerBI reports, dashboards, and sensitive datasets. It also enables administrative actions within PowerBI, potentially compromising the integrity and confidentiality of that data. Additionally, such access could lead to violations of compliance regulations, including GDPR and FERPA, due to the unauthorized exposure of sensitive educational data.
Reproduction
To reproduce this vulnerability, an authenticated administrator must request an analytics report within the affected version of the Academia SIS. The server response will include an Azure JWT access token linked to PowerBI, which can then be intercepted and misused.
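The root cause described above is a server response that embeds a bearer token a client was never meant to see. The following Python scanner is an added example, not code from the advisory or from Serosoft, showing how a defender can check captured responses (proxy logs, DAST output, a staging test) for embedded JWTs and triage what an exposed token would grant: issuer, audience, scopes and remaining lifetime. The sample response, the claim values and the Power BI audience string are constructed for the example; the signature is a placeholder and is deliberately never verified, because this is inspection of a leaked artifact, not acceptance of a credential.

```python
import base64
import json
import re
import time
from typing import Optional

# Matches a three-segment base64url JWT. '{"' base64-encodes to "eyJ", so
# every JWT whose header is JSON starts with those three characters.
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_jwt_unverified(token: str) -> dict:
    """Split a JWT and decode header and payload. The signature is NOT
    checked: this triages a token found in a response, it does not trust it."""
    header_b64, payload_b64, _signature = token.split(".")
    return {
        "header": json.loads(_b64url_decode(header_b64)),
        "payload": json.loads(_b64url_decode(payload_b64)),
    }


def find_leaked_tokens(response_body: str, now: Optional[int] = None) -> list:
    """Return one finding per JWT embedded in a response body, carrying the
    claims a reviewer needs to judge the blast radius of the exposure."""
    now = int(time.time()) if now is None else now
    findings = []
    for match in JWT_RE.finditer(response_body):
        try:
            claims = decode_jwt_unverified(match.group(0))["payload"]
        except (ValueError, UnicodeDecodeError):
            continue  # JWT-shaped string that is not decodable JSON; skip it
        exp = claims.get("exp")
        findings.append({
            "offset": match.start(),
            "issuer": claims.get("iss"),
            "audience": claims.get("aud"),
            "scopes": sorted(str(claims.get("scp", "")).split()),
            "expired": exp is not None and int(exp) < now,
            "seconds_left": None if exp is None else int(exp) - now,
        })
    return findings


def make_sample_token(payload: dict) -> str:
    """Build a syntactically valid JWT with a placeholder signature.
    Constructed test data only; not a real Azure token."""
    header = {"alg": "RS256", "typ": "JWT"}
    compact = {"separators": (",", ":")}
    return ".".join([
        _b64url_encode(json.dumps(header, **compact).encode()),
        _b64url_encode(json.dumps(payload, **compact).encode()),
        _b64url_encode(b"placeholder-signature"),
    ])


# Constructed sample: the shape of an analytics-report response that embeds
# the report's access token. Every claim value here is hypothetical.
SAMPLE_NOW = 1700000000
SAMPLE_TOKEN = make_sample_token({
    "iss": "https://sts.windows.net/00000000-0000-0000-0000-000000000000/",
    "aud": "https://analysis.windows.net/powerbi/api",  # assumed Power BI audience
    "scp": "Report.Read.All Dashboard.Read.All",
    "exp": SAMPLE_NOW + 3600,
})
SAMPLE_RESPONSE = json.dumps({
    "reportId": "report-placeholder",
    "embedUrl": "https://app.powerbi.com/reportEmbed?reportId=report-placeholder",
    "accessToken": SAMPLE_TOKEN,
})


def scan_sample_response() -> list:
    """Run the scanner over the constructed response at the constructed time."""
    return find_leaked_tokens(SAMPLE_RESPONSE, now=SAMPLE_NOW)


if __name__ == "__main__":
    for finding in scan_sample_response():
        print(f"JWT at byte {finding['offset']}: aud={finding['audience']} "
              f"scopes={finding['scopes']} expires_in={finding['seconds_left']}s")
```

In practice the scanner is pointed at response bodies from the Analytics endpoints and the finding's audience and scopes are compared against what the browser actually needs; a token whose audience is the Power BI service and whose scopes exceed read-only embedding should be raised as a finding, and the fix on the server side is to stop returning the token at all or to return a short-lived, narrowly scoped embed token instead.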
