VYPR

Sunbirded Portal

by Sunbird

Source repositories

CVEs (7)

  • CVE-2025-70031HigMar 9, 2026
    risk 0.57cvss 8.8epss 0.00

    An issue pertaining to CWE-352: Cross-Site Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

  • CVE-2025-70027HigMar 11, 2026
    risk 0.49cvss 7.5epss 0.00

    An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information

  • CVE-2025-70028HigMar 9, 2026
    risk 0.49cvss 7.5epss 0.00

    An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

  • CVE-2025-70030HigMar 9, 2026
    risk 0.49cvss 7.5epss 0.00

    An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

  • CVE-2025-70029HigFeb 11, 2026
    risk 0.49cvss 7.5epss 0.00

    An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options

  • CVE-2025-70032MedMar 9, 2026
    risk 0.40cvss 6.1epss 0.00

    An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

  • CVE-2025-70033MedMar 9, 2026
    risk 0.35cvss 5.4epss 0.00

    An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.