2 matches found
CVE-2025-48375
Schule is open-source school management system software. Prior to version 1.0.1, the file forgotpassword.php or equivalent endpoint responsible for email-based OTP generation lacks proper rate limiting controls, allowing attackers to abuse the OTP request functionality. This vulnerability can be...
CVE-2025-48375
CVE-2025-48375 concerns Schule, an open-source school management system. Prior to version 1.0.1, the endpoint responsible for email-based OTP generation (forgot_password.php) lacks proper rate limiting, enabling abuse of the OTP request function. This can lead to excessive OTP emails, risking den...