CVE-2025-7708
6.8 MEDIUMInsertion of Sensitive Information Into Sent Data vulnerability in Atlas Educational Software Industry Ltd
Published: 2026-02-09 · Last updated: 2026-06-05
Severity and scoring
- CVSS
- 6.8 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
- CWE
- CWE-201
Description
Insertion of Sensitive Information Into Sent Data vulnerability in Atlas Educational Software Industry Ltd. Co. K12net allows Communication Channel Manipulation. This issue affects k12net: through 09022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-54197 — Unauthenticated Sensitive Data Exposure in GetGenie <= 4.4.1 versions (6.5 MEDIUM)
- CVE-2026-52695 — Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout <= 1.8.2 versions (7.5 HIGH)
- CVE-2026-52692 — Unauthenticated Sensitive Data Exposure in Affiliates Manager <= 2.9.50 versions (7.5 HIGH)
- CVE-2026-49082 — Subscriber Sensitive Data Exposure in Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & C... (7.4 HIGH)
- CVE-2026-48965 — Subscriber Sensitive Data Exposure in XCloner <= 4.8.6 versions (6.5 MEDIUM)