CVE-2026-7491

Name of the Vulnerable Software and Affected Versions School App developed by Zyosoft (affected versions not specified)

Description An Insecure Direct Object Reference (IDOR) issue exists, where authenticated remote attackers can modify a specific parameter to read and modify data belonging to other users. IDOR is a type of access control flaw that occurs when an application uses user-supplied input to access objects directly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.