Vulners
Lucene search
📄 Unifiedtransform 2.x Student Editor Missing Authorization
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | Exploit for Incorrect Privilege Assignment in Changeweb Unifiedtransform | 29 May 202515:27 | – | githubexploit |
 | CVE-2025-46203 | 29 May 202515:37 | – | circl |
 | Unifiedtransform 安全漏洞 | 4 Jun 202500:00 | – | cnnvd |
 | CVE-2025-46203 | 4 Jun 202500:00 | – | cve |
 | CVE-2025-46203 | 4 Jun 202500:00 | – | cvelist |
 | EUVD-2025-16924 | 3 Oct 202520:07 | – | euvd |
 | CVE-2025-46203 | 4 Jun 202520:15 | – | nvd |
 | CVE-2025-46203 | 4 Jun 202520:15 | – | osv |
 | PT-2025-23848 · Unknown · Unifiedtransform | 4 Jun 202500:00 | – | ptsecurity |
 | CVE-2025-46203 | 6 Jun 202501:01 | – | redhatcve |
10
## Description
Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Any user (students and teachers) can access and modify student records via the /students/edit/{id} endpoints. This functionality intended exclusively for administrative use. Exploiting this vulnerability can lead to unauthorized data manipulation and privilege escalation.
Vendor: [Unifiedtransform](https://github.com/changeweb/Unifiedtransform)
## Product
A school management Software
v2.X
---
## Affected components
Total Access Control Mechanism which is responsible for enforcing user permissions and roles.
Route: GET /students/edit/{id}
Controller: UserController
Method: editStudents()
And all other endpoints and functionalities related to editing student profiles.
## PoC/Attack Vector
**Step 1:** Install the application as instructed in the official GitHub repository, and log in using the default admin credentials. ([email protected]:password)
**Step 2:** Create a school session and add both teachers and students as per the instructions provided in the repository.
**Step 3:** Log in to the application as a Teacher or Student.
**Step 4:** Navigate to the endpoint:
/students/edit/{id}
ID=1 is reserved for the Admin.
IDs 2, 3, etc., are assigned to Teachers.
IDs following those (e.g., 4, 5, ...) are assigned to Students.
(For example, if you create 2 teachers and 2 students, then ID=2 will be Teacher 1, ID=3 will be Teacher 2, ID=4 will be Student 1, and ID=5 will be Student 2.)
**Step 5:** Change the details and click on update.
---
**Vulnerability Type:** Incorrect Access Control
**Attack Type:** Remote
**Impact:** Escalation of Privileges
**Attack Vectors:** Broken Access Control allows teachers or students to modify data of other students.
**Discoverer:** Sneh Bavarva
## Additional information
**Impact:** This allows unauthorized modifications to other student's data, which should only be accessible by administrators. This can lead to significant data integrity issues and unauthorized privilege escalation.
**References:**
https://github.com/changeweb/Unifiedtransform
https://cwe.mitre.org/data/definitions/284.html
- [Unifiedtransform Official Site](http://unifiedtransform.com)
- [Unifiedtransform GitHub Repository](https://github.com/changeweb/Unifiedtransform)Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 May 2025 00:00Current
7.3High risk
Vulners AI Score7.3
CVSS 3.16.5
EPSS0.00088
SSVC