Auth bypass in Pwncollege Dojo
CVE-2025-62376
pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any…
Vulnerability class: Broken Authentication
EPSS: 0.006 (43.0th percentile) — read the EPSS interpretation.
Affected products
- Pwncollege Dojo — versions < 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)