CVE-2025-12270

Name of the Vulnerable Software and Affected Versions LearnHouse (affected versions not specified)

Description A flaw exists that results in improper control of resource identifiers. This issue is located within the Student Assignment Submission Handler component, specifically affecting an unknown function within the /api/v1/assignments/{assignment id}/tasks/{task id}/sub file file. The attack can be initiated remotely. The exploit for this issue has been publicly disclosed. The product utilizes continuous delivery with rolling releases, and no specific version details for affected or updated releases are available. The vendor was contacted regarding this disclosure but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.