Unifiedtransform Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability exists in Unifiedtransform version 2.0. It allows remote attackers to manipulate student records through the '/students/edit/{id}' endpoint. This endpoint is intended for administrative use only, and the vulnerability could lead to unauthorized data changes and privilege escalation.

Impact

Exploitation of this vulnerability allows unauthorized users (students and teachers) to modify student data, potentially leading to significant data integrity issues and unauthorized privilege escalation.

Reproduction

To reproduce this vulnerability, log into the application as a Teacher or Student. Navigate to the '/students/edit/{id}' endpoint, replacing '{id}' with the ID of a student. Modify the student details and submit the changes. The update will be processed, demonstrating the lack of proper access control.
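A detection sketch for the behaviour described above, added here as an example and not taken from the Unifiedtransform code base: it scans application audit-log lines for requests to '/students/edit/{id}' that a non-admin role made and the server did not refuse. The key=value log format, the field names, the role labels and the sample lines are all constructed assumptions; a real deployment would have to join web-server logs with the application's user table to get the role.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical key=value audit-log format.
SAMPLE_LOG = """\
2025-09-01T10:00:01Z user=12 role=admin method=GET path=/students/edit/40 status=200
2025-09-01T10:02:15Z user=31 role=teacher method=GET path=/students/edit/40 status=200
2025-09-01T10:02:48Z user=31 role=teacher method=POST path=/students/edit/40 status=302
2025-09-01T10:05:30Z user=77 role=student method=GET path=/students/edit/41 status=403
2025-09-01T10:06:02Z user=77 role=student method=GET path=/students/view/41 status=200
2025-09-01T10:07:44Z user=77 role=student method=POST path=/students/edit/78/ status=200
malformed line without fields
"""

EDIT_PATH = re.compile(r"^/students/edit/(\d+)/?(?:\?.*)?$")
FIELD = re.compile(r"(\w+)=(\S+)")
REQUIRED = {"user", "role", "method", "path", "status"}
ALLOWED_ROLES = {"admin"}  # assumption: role label for the administrative users

def parse_line(line):
    """Return the key=value fields of one line, or None if any are missing."""
    fields = dict(FIELD.findall(line))
    return fields if REQUIRED <= fields.keys() else None

def find_unauthorized_edits(log_text):
    """Flag requests where a non-admin role reached the edit endpoint
    and the server did not refuse them (status below 400)."""
    findings = []
    for line in log_text.splitlines():
        event = parse_line(line)
        if event is None:
            continue
        match = EDIT_PATH.match(event["path"])
        if not match or event["role"].lower() in ALLOWED_ROLES:
            continue
        status = event["status"]
        if not status.isdigit() or int(status) >= 400:
            continue  # unparseable, or access control refused the request
        findings.append({"user": event["user"], "role": event["role"],
                         "method": event["method"], "student_id": match.group(1)})
    return findings

def summarize(findings):
    """Group the affected student IDs by (user, role) for triage."""
    by_actor = defaultdict(set)
    for f in findings:
        by_actor[(f["user"], f["role"])].add(f["student_id"])
    return {actor: sorted(ids) for actor, ids in by_actor.items()}
```

Calling summarize(find_unauthorized_edits(SAMPLE_LOG)) groups the flagged student IDs per account; on a deployment with working access control, every Teacher or Student request to this endpoint should appear with a refusal status and produce no findings.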

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 6.6
remediation: 0.0
relevance: 0.1
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.