CVE-2025-65594 | THREATINT

Description

OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users.

PUBLISHED Reserved 2025-11-18 | Published 2025-12-09 | Updated 2025-12-11 | Assigner mitre

References

opensis.com

gitlab.com/tsuretettee/cve-2025-65594

cve.org (CVE-2025-65594)

nvd.nist.gov (CVE-2025-65594)

Download JSON