CNNVD-202602-1270 Information
Feb 09, 2026
cve
CNNVD ID
CNNVD-202602-1270
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
PlaciPy是Praskla Technology开源的一个综合性的就业管理系统,旨在为教育机构简化学生、培训人员和管理人员的就业流程。 PlaciPy 1.0.0版本存在安全漏洞,该漏洞源于直接从用户提供的电子邮件域派生租户标识符而未验证域所有权,可能导致跨租户数据访问。
Description (English)
PlaciPy is an integrated employment management system, which is an open source for Praskla Technology, and aims to simplify the employment process for students, trainers and managers in educational institutions. Version 1.0.0 of PlaciPy has a security loophole, which arises from the failure to validate domain ownership through the e-mail domain identifier provided directly by the user and may result in cross-tenant data access.
Vulnerability Type
其他
Affected Vendor
Praskla Technology
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/Praskla-Technology/assessment-placipy/security/advisories/GHSA-3gmm-9ww2-87fh
Share on: