CVE-2025-25953
First published: Mon Mar 03 2025(Updated: )
Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Serosoft Academia Student Information System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-25953?
CVE-2025-25953 is considered a high severity vulnerability due to the potential for privilege escalation and access to sensitive information.
How do I fix CVE-2025-25953?
To fix CVE-2025-25953, update the Serosoft Solutions Academia Student Information System to the latest version that addresses the token exposure issue.
Who is affected by CVE-2025-25953?
CVE-2025-25953 affects users of Serosoft Solutions Academia Student Information System (SIS) EagleR v1.0.118.
What type of attack does CVE-2025-25953 enable?
CVE-2025-25953 enables authenticated attackers to escalate privileges and potentially gain access to sensitive information.
When was CVE-2025-25953 discovered?
CVE-2025-25953 was discovered in the Serosoft Solutions Academia Student Information System version 1.0.118.
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/source
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/serosoft solutions
- canonical/serosoft academia student information system