Sunbird-Ed SunbirdEd-portal Path Traversal Vulnerability
Vulnerability
A path traversal vulnerability has been identified in Sunbird-Ed SunbirdEd-portal version 1.13.4. This issue, related to improper limitation of a pathname to a restricted directory, allows attackers to traverse outside the intended directory and potentially access or modify sensitive files on the server.
Impact
Exploitation of this vulnerability could lead to unauthorized access or modification of sensitive files on the server.
Reproduction
To reproduce this vulnerability, upload a file that the server processes through the application. Examine the server-side code to identify any file-handling functions that are vulnerable to path traversal. If the application does not properly validate or sanitize file paths, it may be possible to manipulate the file upload to traverse directories and access restricted files.
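The path validation the paragraph above refers to, shown as an added Node.js example that is not code from SunbirdEd-portal or from this advisory: a containment check that resolves an upload name and rejects anything that leaves the storage directory. `UPLOAD_ROOT`, `resolveUploadPath`, `check` and the sample names are assumptions constructed for illustration.

```javascript
// Added example: containment check for user-supplied upload names (CWE-22).
// UPLOAD_ROOT and resolveUploadPath are hypothetical, not SunbirdEd-portal code.
const path = require('path');

const UPLOAD_ROOT = path.resolve('/srv/portal/uploads'); // assumed storage directory

// Expects an already URL-decoded name; decoding after this check reopens the hole.
// The check is lexical only: if symlinks can exist under the root, also compare
// fs.realpathSync() of the final path against the root before opening it.
function resolveUploadPath(root, userSuppliedName) {
  if (typeof userSuppliedName !== 'string' || userSuppliedName.length === 0) {
    throw new Error('empty or non-string file name');
  }
  // NUL bytes can truncate the path in lower layers.
  if (userSuppliedName.includes('\0')) {
    throw new Error('NUL byte in file name');
  }
  // Treat backslashes as separators so "..\\..\\x" is caught on POSIX hosts too.
  const normalized = userSuppliedName.replace(/\\/g, '/');
  const candidate = path.resolve(root, normalized);
  // path.relative gives the route from root to candidate. A result that starts
  // with ".." (or is absolute) has left the root. A plain startsWith(root) test
  // would wrongly accept a sibling directory such as "/srv/portal/uploads-old".
  const rel = path.relative(root, candidate);
  if (rel === '' || rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel)) {
    throw new Error('path escapes upload directory');
  }
  return candidate;
}

// Wrapper that reports the decision instead of throwing.
function check(name) {
  try {
    return resolveUploadPath(UPLOAD_ROOT, name);
  } catch (err) {
    return 'REJECTED';
  }
}

// Constructed sample names, as they might arrive in an upload request.
const samples = ['reports/q1.pdf', '..notes.txt', '../../etc/passwd', '/etc/passwd',
  '..\\..\\config\\env.js', 'a/../../uploads-old/x', 'ok\0.png'];
for (const name of samples) {
  console.log(JSON.stringify(name), '->', check(name));
}
```

Only the first two samples are accepted; the rest resolve outside the upload root or contain a NUL byte and are rejected.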
