Authentication Bypass by Spoofing

CVE-2025-67298

High

8.1/10

An issue in ClasroomIO before v.0.2.6 allows a remote attacker to escalate privileges via the endpoints /api/verify and /rest/v1/profile

This attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.