Security Advisory

CVE-2025-56747

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-14 00:00:00

Last updated 2025-10-14 15:57:08

Assigner mitre

State PUBLISHED

Description

Creativeitem Academy LMS up to and including 5.13 contains a privilege escalation vulnerability in the Api_instructor controller where regular authenticated users can access instructor-only functions without proper role validation, allowing unauthorized course creation and management.

← Browse all CVEs View on cve.org ↗