Improper Authorization in ZeroWdd/code-projects StudentManager Product
CVE-2025-3587
Currently unrated
What is CVE-2025-3587?
A vulnerability has been identified in version 1.0 of ZeroWdd's StudentManager, where improper authorization can occur in the /getTeacherList endpoint. This flaw allows unauthorized users to access sensitive information or perform actions without proper permissions. The vulnerability can be exploited remotely, posing a significant risk to the integrity and confidentiality of the data. It is crucial for users of this product to review their security measures and implement necessary patches to mitigate potential threats.