{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-70027", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-11T14:40:33.327Z", "dateReserved": "2026-01-09T00:00:00.000Z", "datePublished": "2026-03-11T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-11T14:04:54.836Z"}, "descriptions": [{"lang": "en", "value": "An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/Sunbird-Ed"}, {"url": "https://github.com/Sunbird-Ed/SunbirdEd-portal"}, {"url": "https://gist.github.com/zcxlighthouse/6eac455e9094ae313a1c39c25d520b3d"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-918", "lang": "en", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T14:39:54.440348Z", "id": "CVE-2025-70027", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T14:40:33.327Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-70027", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-11T14:40:33.327Z", "dateReserved": "2026-01-09T00:00:00.000Z", "datePublished": "2026-03-11T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-11T14:04:54.836Z"}, "descriptions": [{"lang": "en", "value": "An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/Sunbird-Ed"}, {"url": "https://github.com/Sunbird-Ed/SunbirdEd-portal"}, {"url": "https://gist.github.com/zcxlighthouse/6eac455e9094ae313a1c39c25d520b3d"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-70027", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-11T14:39:54.440348Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T14:37:46.314Z"}}]}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sunbird:sunbirded-portal:1.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "83F8A2B1-1434-4F95-BF9B-33BB51BCFFF7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information"}, {"lang": "es", "value": "Un problema relacionado con CWE-918: Falsificaci\u00f3n de petici\u00f3n del lado del servidor fue descubierto en Sunbird-Ed SunbirdEd-portal v1.13.4. Esto permite a los atacantes obtener informaci\u00f3n sensible"}], "id": "CVE-2025-70027", "lastModified": "2026-04-02T13:12:23.077", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-11T15:16:21.507", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://gist.github.com/zcxlighthouse/6eac455e9094ae313a1c39c25d520b3d"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/Sunbird-Ed"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/Sunbird-Ed/SunbirdEd-portal"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.13.4"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "sunbirded-portal", "vendor": "sunbird-ed"}], "analysis": {"en": {"generated_at": "2026-04-02T15:36:18.050837+00:00", "value": {"mitigation_remediation": ["Upgrade Sunbird\u2011Ed SunbirdEd\u2011portal to the latest available patch or version that removes the SSRF flaw", "If a patch is unavailable, restrict the portal\u2019s outbound network traffic to only the required services using firewall or proxy rules", "Implement URL validation or a strict allow\u2011list in the application\u2019s request handling to prevent arbitrary outbound requests", "Continuously monitor application logs for unexpected outbound connections and investigate any anomalies"], "summary": {"action": "Patch", "impact": "Remote Data Retrieval"}, "threat_synthesis": {"affected_systems": "The vulnerability is confined to the Sunbird\u2011Ed SunbirdEd\u2011portal product at release 1.13.4. No other vendors or product variants are listed, and the CPE data confirms a single affected instance.", "description_and_impact": "A server\u2011side request forgery flaw in Sunbird\u2011Ed SunbirdEd\u2011portal version 1.13.4 allows an attacker to control the URL that the application requests from the network. By supplying an arbitrary URL, the vulnerable code can force the portal to reach internal or external resources, thereby exposing data that should not be publicly accessible. The weakness corresponds to CWE\u2011918 and results in the disclosure of sensitive information.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity, while the EPSS score below 1% suggests that exploitation is unlikely at present. The vulnerability is not catalogued in CISA\u2019s Known Exploited Vulnerabilities list. The likely attack path involves an attacker crafting a request containing a malicious URL to activate the SSRF, which would allow data retrieval from the portal\u2019s execution environment. The impact would be limited to the data exposed through the portal\u2019s outbound reach, but it poses a significant confidentiality risk if internal resources can be accessed."}}}}, "created": "2026-03-12T10:06:43.601963+00:00", "updated": "2026-04-02T20:23:54.165162+00:00", "vendors": ["sunbird-ed", "sunbird-ed$PRODUCT$sunbirded-portal"]}