CVE-2025-11080 | zhuimengshaonian wisdom-education up to 1.0.4 ExamInfoController.java selectStudentExamInfoList subjectId improper authorization

A vulnerability was found in zhuimengshaonian wisdom-education up to 1.0.4 and classified as problematic. This vulnerability affects the function selectStudentExamInfoList of the file src/main/java/com/education/api/controller/student/ExamInfoController.java. Such manipulation of the argument subjectId leads to improper authorization.

This vulnerability is referenced as CVE-2025-11080. It is possible to launch the attack remotely. Furthermore, an exploit is available.VulDB Recent EntriesRead More