CVE-2026-25875 PlaciPy Admin Privilege Escalation via Trusted JWT Claims

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The admin authorization middleware trusts client-controlled JWT claims role and scope without enforcing server-side role verification...

PT-2026-7161

Name of the Vulnerable Software and Affected Versions PlaciPy version 1.0.0 Description PlaciPy is a placement management system for educational institutions. The admin authorization middleware in version 1.0.0 trusts client-controlled JWT claims, specifically the role and scope, without performi...