Authorization Bypass Vulnerability in OBS Student Affairs Information System by PROLIZ
CVE-2025-0875

4.2MEDIUM

Key Information:

Vendor: Proliz Computer Software Hardware Service Trade Ltd. Co.
Status: Obs (student Affairs Information System)
Vendor: CVE Published:; 22 September 2025

🔔 Create Proliz Computer Software Hardware Service Trade Ltd. Co. Vulnerability Alert

What is CVE-2025-0875?

The OBS (Student Affairs Information System) from PROLIZ contains a significant vulnerability that allows an authorization bypass through user-controlled keys. This flaw enables attackers to perform parameter injection, potentially leading to unauthorized access to sensitive information within the system. Affected versions are prior to v26.0328, and it is crucial for organizations using this software to implement necessary security measures to mitigate the risks associated with this vulnerability.

Affected Version(s)

OBS (Student Affairs Information System) 0

References

https://www.usom.gov.tr/bildirim/tr-25-0282

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 22, 2025
Vulnerability Reserved
Jan 30, 2025

Credit

Mustafa Anıl YILDIRIM