Akirazz

**Name of the Vulnerable Software and Affected Versions** OUSL-GROUP-BrinaryBrains School Student Management System versions prior to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6 **Description** Improper authentication can occur due to a weakness in the `sign auth cookie()` function within the `application/controllers/Login.php` file of the `MY Controller` component. A remote attacker can exploit this by manipulating the `role` argument. **Recommendations** Update to a version later than 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. As a temporary workaround, restrict access to the `sign auth cookie()` function in the `application/controllers/Login.php` file to minimize the risk of exploitation.