QwikSec

Security Database

CVE

CWE

Training

CVE-2026-25811

Published: Feb 9, 2026

Modified: Feb 10, 2026

PUBLISHED

Description

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application derives the tenant identifier directly from the email domain provided by the user, without validating domain ownership or registration. This allows cross-tenant data access.

Vendor	Product	Versions
Praskla-Technology	assessment-placipy	affected `= 1.0.0`

Weaknesses (CWE)

References

https://github.com/Praskla-Technology/assessment-placipy/security/advisories/GHSA-3gmm-9ww2-87fh

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.