CNNVD-202602-1266 Information
CNNVD ID
CNNVD-202602-1266
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
PlaciPy是Praskla Technology开源的一个综合性的就业管理系统,旨在为教育机构简化学生、培训人员和管理人员的就业流程。 PlaciPy 1.0.0版本存在安全漏洞,该漏洞源于管理员授权中间件信任客户端控制的JWT声明而未执行服务器端角色验证,可能导致权限提升。
Description (English)
PlaciPy is an integrated employment management system, which is an open source for Praskla Technology, and aims to simplify the employment process for students, trainers and managers in educational institutions. There is a security loophole in the version PlaciPy 1.0.0, which stems from the administrator ’ s authorization to trust the client-controlled JWT statement without implementing the server-end role validation, which may lead to an increase in privileges.
Vulnerability Type
其他
Affected Vendor
Praskla Technology
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/Praskla-Technology/assessment-placipy/security/advisories/GHSA-mx95-8ppg-v574
Share on: