CVE-2025-25953

medium

Description

Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information.

References

https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25953

https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89640

Details

Source: Mitre, NVD

Published: 2025-03-03

Updated: 2025-04-23

Risk Information

CVSS v2

Base Score: 9.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N

Severity: High

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00039