CNNVD-202510-1990 Information

CNNVD ID

CNNVD-202510-1990

Related CVE

CVE-2025-56747

• CNNVD Published: 2025-10-14

Description (Chinese)

Creativeitem Academy LMS是孟加拉国Creativeitem公司的一个在线学习管理系统。 Creativeitem Academy LMS 5.13及之前版本存在安全漏洞，该漏洞源于Api_instructor控制器缺少角色验证，可能导致权限提升。

Description (English)

Creativeitem Academy LMS is an online learning management system for Creativeitem in Bangladesh. There is a security loophole in the Creativeitem Academy LMS 5.13 and earlier versions, which stems from the lack of role validation of the Api instructor controller, which may lead to increased access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Creativeitem

Published

2025-10-14

Last Modified

2026-02-24

References

https://suryadina.com/academy-lms-instructor-escalation-3n7b9f2w5k https://access.redhat.com/security/cve/cve-2025-56747

Patch

https://videohive.net/