CVE-2026-25810

Publication date

2026-02-09 20:48:54

Family

GitHub_M

State

PUBLISHED

Description

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/student.submission.routes.ts verify authentication but fails to enforce object-level authorization (ownership checks).