CVE-2025-48375 – Schule Open-Source School Management System OTP Email Flooding Vulnerability

May 23, 2025

CVE ID : CVE-2025-48375

Published : May 23, 2025, 4:15 p.m. | 2 hours, 37 minutes ago

Description : Schule is open-source school management system software. Prior to version 1.0.1, the file forgot_password.php (or equivalent endpoint responsible for email-based OTP generation) lacks proper rate limiting controls, allowing attackers to abuse the OTP request functionality. This vulnerability can be exploited to send an excessive number of OTP emails, leading to potential denial-of-service (DoS) conditions or facilitating user harassment through email flooding. Version 1.0.1 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48376 – DNN External URL Site Export RCE

Next Article CVE-2025-43860 – OpenEMR Stored Cross-Site Scripting (XSS) Vulnerability

Vibe Loop: AI-native reliability engineering for the real world

Docker Compose gets new features for building and running agents

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

Unmasking The Magic: The Wizard Of Oz Method For UX Research

How I personalized my ChatGPT conversations – why it’s a game changer

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

The Division 2’s new Brooklyn Archivist Merit Commendation was driving me INSANE — it turns out there’s a sneaky extra step you need to do first

Alan Wake 2 for Xbox Series X is on sale during Amazon Prime Day — dive into Remedy’s title that “bloodily earns its place as a horror game”

Salesforce Health Cloud Demo: Provider Search & Network Management in Action

Salesforce Health Cloud Demo: Provider Search & Network Management in Action

Oracle Cloud EPM: Transitioning to Forms 2.0, Dashboards 2.0 by October 2025

This Week in Laravel: React.js, Filament vs Laravel, and Junior Test

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

The Division 2’s new Brooklyn Archivist Merit Commendation was driving me INSANE — it turns out there’s a sneaky extra step you need to do first

Alan Wake 2 for Xbox Series X is on sale during Amazon Prime Day — dive into Remedy’s title that “bloodily earns its place as a horror game”

CVE-2025-48375 – Schule Open-Source School Management System OTP Email Flooding Vulnerability

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

Cookie pop-ups don’t have to be a fact of life online – how I block them and why

T-Mobile is giving loyal users a free line right now – how to see if you qualify

Would you ditch AT&T or Verizon for $3,200? T-Mobile has a deal for you then

CVE-2023-47310 – MikroTik RouterOS IPv6 UDP Traceroute Information Disclosure

Senua’s Saga: Hellblade 2 comes to PS5 with “exciting new features,” Xbox and PC getting free update

How to Get Nominated for the Most Prestigious International Awards in Paris in 2025

Distribution Release: Feren OS 2025.03

CitrixBleed 2: Electric Boogaloo — CVE-2025–5777

CVE-2025-48375 – Schule Open-Source School Management System OTP Email Flooding Vulnerability

Related Posts