CVE-2025-11321 | zhuimengshaonian wisdom-education up to 1.0.4 WrongBookController.java subjectId authorization

A vulnerability was found in zhuimengshaonian wisdom-education up to 1.0.4. It has been rated as problematic. The affected element is an unknown function of the file src/main/java/com/education/api/controller/student/WrongBookController.java. Performing manipulation of the argument subjectId results in authorization bypass.

This vulnerability is identified as CVE-2025-11321. The attack can be initiated remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More