CNNVD-202602-1900 Information

CNNVD ID

CNNVD-202602-1900

Related CVE

CVE-2025-70029

• CNNVD Published: 2026-02-11

Description (Chinese)

sunbird-portal是Sunbird-ED开源的一个的门户网站。 sunbird-portal 1.13.4版本存在安全漏洞，该漏洞源于应用程序通过设置rejectUnauthorized为false来禁用TLS/SSL证书验证，可能导致攻击者获取敏感信息。

Description (English)

Sunbird-portal is an open source portal for Sunbird-ED. There is a security loophole in version 1.13.4 of sunbird-portal, which stems from the fact that the application disables TLS/SSL certifications by setting the subject Unauthorized as false, which may result in the aggressor gaining access to sensitive information.

Vulnerability Type

其他

Affected Vendor

Sunbird-ED

Published

2026-02-11

Last Modified

2026-02-24

References

https://gist.github.com/zcxlighthouse/e662c8316f98a1c72735cda4f6bfcfe6 https://github.com/Sunbird-Ed https://github.com/Sunbird-Ed/SunbirdEd-portal

Patch

https://github.com/Sunbird-Ed/SunbirdEd-portal/releases