CVE Catalog
CVE-2025-15657
MediumCVSS 5.3Summary
In School Management versions <= 93.1.0, there is a vulnerability of unauthenticated insecure direct object references (IDOR). This allows attackers to access data they should not have access to.
Risk Assessment
Organizations may be exposed to data leaks and unauthorized access to sensitive information, which can lead to serious legal and reputational consequences.
Recommendation
It is recommended to update to the latest version of the software to eliminate this vulnerability and implement appropriate authorization mechanisms.
Original NVD description (English source)
Unauthenticated Insecure Direct Object References (IDOR) in School Management <= 93.1.0 versions.

