CVEDB API

Vulnerabilities

Vulnerable Software

Sunbird: >> Sunbirded-Portal Security Vulnerabilities

CVE-2025-70027

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information

CVSS Score

7.5

EPSS Score

0.0

Published

2026-03-11

CVE-2025-70028

An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

CVSS Score

7.5

EPSS Score

0.001

Published

2026-03-09

CVE-2025-70030

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

CVSS Score

7.5

EPSS Score

0.001

Published

2026-03-09

CVE-2025-70031

An issue pertaining to CWE-352: Cross-Site Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

CVSS Score

8.8

EPSS Score

0.0

Published

2026-03-09

CVE-2025-70032

An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

CVSS Score

6.1

EPSS Score

0.0

Published

2026-03-09

CVE-2025-70033

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

CVSS Score

5.4

EPSS Score

0.0

Published

2026-03-09

CVE-2025-70029

An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options

CVSS Score

7.5

EPSS Score

0.0

Published

2026-02-11

Page 1

Vulnerabilities

Vulnerable Software

Sunbird: >> Sunbirded-Portal Security Vulnerabilities

Products

Pricing

Contact Us