Security Advisory

CVE-2026-25876

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-09 20:48:50

Last updated 2026-02-10 15:59:14

Assigner GitHub_M

State PUBLISHED

Description

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/results.routes.ts verify authentication but fails to enforce object-level authorization (ownership checks). For example, this can be used to return all results for an assessment.

← Browse all CVEs View on cve.org ↗