Avm99963

**Name of the Vulnerable Software and Affected Versions** accesuniversitat.gencat.cat version 1.7.5 **Description** The Java API in the affected software allows remote attackers to obtain personal information of all registered students via several API endpoints. **Recommendations** For version 1.7.5, consider restricting access to the API endpoints until a patch is available. As a temporary workaround, limit the information that can be retrieved through the API to minimize the risk of exploitation.