Sunbird: >> Sunbirded-Portal Security Vulnerabilities
An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-09
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-09
An issue pertaining to CWE-352: Cross-Site Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-03-09
An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-03-09
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-03-09
An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options
CVSS Score
7.5
EPSS Score
0.0
Published
2026-02-11