CVE-2025-25953

critical

Description

Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information.

References

https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89640

Details

Source: Mitre, NVD

Published: 2025-03-03

Updated: 2025-03-05

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical