Sunbird-Ed SunbirdEd-portal v1.13.4: Unauthorized Access to Sensitive Data

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.5

Sunbird-Ed SunbirdEd-portal v1.13.4: Unauthorized Access to Sensitive Data

CVE-2025-70027

Summary

An attacker can exploit a vulnerability in Sunbird-Ed's portal to access sensitive information without permission. This is a concern because it could lead to unauthorized access to sensitive data, potentially compromising confidentiality and security. To mitigate this issue, update to the latest version of Sunbird-Ed SunbirdEd-portal as soon as possible.

Original title

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information

Original description

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information

nvd CVSS3.1 7.5

Vulnerability type

CWE-918 Server-Side Request Forgery (SSRF)

Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026