Primary

Context

Unifiedtransform Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability exists in Unifiedtransform version 2.0. The issue arises from incorrect access control in the application, allowing remote attackers to escalate privileges through the '/course/edit/{id}' endpoint. This vulnerability enables unauthorized users, such as students and teachers, to modify course details, including names and categories, which could disrupt academic management and curriculum integrity.

Impact

Exploitation of this vulnerability allows unauthorized users to change course information, potentially leading to academic mismanagement.

Reproduction

To reproduce this vulnerability, log into the application as a teacher or student. Navigate to the '/course/edit/{id}' endpoint, replacing '{id}' with the ID of an existing course. Once there, modify the course name and type, then click 'update' to save the changes.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.1

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.1

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Unifiedtransform Privilege Escalation Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating