Home

Description

An Insecure Direct Object Reference (IDOR) in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request.

PUBLISHED Reserved 2025-08-16 | Published 2025-09-30 | Updated 2025-09-30 | Assigner mitre

References

github.com/syauqi/collegetivity

github.com/...ulnerability-research/tree/main/CVE-2025-56392

cve.org (CVE-2025-56392)

nvd.nist.gov (CVE-2025-56392)

Download JSON