{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34832", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T20:52:53.284Z", "datePublished": "2026-04-02T19:08:03.206Z", "dateUpdated": "2026-04-03T14:43:14.459Z"}, "containers": {"cna": {"title": "Scoold: Cross-Account Feedback Deletion (IDOR)", "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "lang": "en", "description": "CWE-639: Authorization Bypass Through User-Controlled Key", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/Erudika/scoold/security/advisories/GHSA-g5fv-xw88-vw44", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Erudika/scoold/security/advisories/GHSA-g5fv-xw88-vw44"}, {"name": "https://github.com/Erudika/scoold/commit/5def88c25405cc60482292bcceb45dc024e899fe", "tags": ["x_refsource_MISC"], "url": "https://github.com/Erudika/scoold/commit/5def88c25405cc60482292bcceb45dc024e899fe"}, {"name": "https://github.com/Erudika/scoold/releases/tag/1.66.1", "tags": ["x_refsource_MISC"], "url": "https://github.com/Erudika/scoold/releases/tag/1.66.1"}], "affected": [{"vendor": "Erudika", "product": "scoold", "versions": [{"version": "< 1.66.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T19:08:03.206Z"}, "descriptions": [{"lang": "en", "value": "Scoold is a Q&A and a knowledge sharing platform for teams. Prior to version 1.66.1, Scoold contains an authenticated authorization flaw in feedback deletion that allows any logged-in, low-privilege user to delete another user's feedback post by submitting its ID to POST /feedback/{id}/delete. The handler enforces authentication but does not enforce object ownership (or moderator/admin authorization) before deletion. In verification, a second non-privileged account successfully deleted a victim account's feedback item, and the item immediately disappeared from the feedback listing/detail views. This issue has been patched in version 1.66.1."}], "source": {"advisory": "GHSA-g5fv-xw88-vw44", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-03T14:43:03.105703Z", "id": "CVE-2026-34832", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T14:43:14.459Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34832", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-03T14:43:03.105703Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T14:43:10.534Z"}}], "cna": {"title": "Scoold: Cross-Account Feedback Deletion (IDOR)", "source": {"advisory": "GHSA-g5fv-xw88-vw44", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Erudika", "product": "scoold", "versions": [{"status": "affected", "version": "< 1.66.1"}]}], "references": [{"url": "https://github.com/Erudika/scoold/security/advisories/GHSA-g5fv-xw88-vw44", "name": "https://github.com/Erudika/scoold/security/advisories/GHSA-g5fv-xw88-vw44", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/Erudika/scoold/commit/5def88c25405cc60482292bcceb45dc024e899fe", "name": "https://github.com/Erudika/scoold/commit/5def88c25405cc60482292bcceb45dc024e899fe", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/Erudika/scoold/releases/tag/1.66.1", "name": "https://github.com/Erudika/scoold/releases/tag/1.66.1", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Scoold is a Q&A and a knowledge sharing platform for teams. Prior to version 1.66.1, Scoold contains an authenticated authorization flaw in feedback deletion that allows any logged-in, low-privilege user to delete another user's feedback post by submitting its ID to POST /feedback/{id}/delete. The handler enforces authentication but does not enforce object ownership (or moderator/admin authorization) before deletion. In verification, a second non-privileged account successfully deleted a victim account's feedback item, and the item immediately disappeared from the feedback listing/detail views. This issue has been patched in version 1.66.1."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639: Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T19:08:03.206Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34832", "state": "PUBLISHED", "dateUpdated": "2026-04-03T14:43:14.459Z", "dateReserved": "2026-03-30T20:52:53.284Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-02T19:08:03.206Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:erudika:scoold:*:*:*:*:*:*:*:*", "matchCriteriaId": "52EC1B7D-984C-4F4B-AE33-0B3512EFC00D", "versionEndExcluding": "1.66.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Scoold is a Q&A and a knowledge sharing platform for teams. Prior to version 1.66.1, Scoold contains an authenticated authorization flaw in feedback deletion that allows any logged-in, low-privilege user to delete another user's feedback post by submitting its ID to POST /feedback/{id}/delete. The handler enforces authentication but does not enforce object ownership (or moderator/admin authorization) before deletion. In verification, a second non-privileged account successfully deleted a victim account's feedback item, and the item immediately disappeared from the feedback listing/detail views. This issue has been patched in version 1.66.1."}], "id": "CVE-2026-34832", "lastModified": "2026-04-15T17:29:54.877", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-02T20:16:27.040", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/Erudika/scoold/commit/5def88c25405cc60482292bcceb45dc024e899fe"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/Erudika/scoold/releases/tag/1.66.1"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory", "Exploit"], "url": "https://github.com/Erudika/scoold/security/advisories/GHSA-g5fv-xw88-vw44"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.66.1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "scoold", "source": "cna", "vendor": "Erudika"}, "product": "scoold", "vendor": "erudika"}], "analysis": {"en": {"generated_at": "2026-04-02T22:20:02.268368+00:00", "value": {"mitigation_remediation": ["Upgrade Scoold to version 1.66.1 or newer", "Restrict delete functionality so that only the owner or an administrator can delete feedback items"], "summary": {"action": "Apply Patch", "impact": "Unauthorized Deletion of User Feedback"}, "threat_synthesis": {"affected_systems": "Erudika\u2019s Scoold platform, versions prior to 1.66.1, is affected. The issue was fixed in release 1.66.1.", "description_and_impact": "The vulnerability is an IDOR that allows a logged\u2011in, low\u2011privilege user to delete any other user\u2019s feedback post by specifying its identifier in a POST request to /feedback/{id}/delete. Because authentication is enforced but ownership checks are missing, the attacker can remove content and potentially disrupt knowledge sharing within the platform, undermining the integrity and availability of user contributions.", "risk_and_exploitability": "With a CVSS score of 6.5, the flaw is classified as Medium severity. Exploitation requires authenticated access; any standard user can delete content when they know the feedback ID. EPSS score is unavailable and KEV catalog shows no listing. The attack vector is inferred to be an internal authenticated POST request where the attacker supplies the target\u2019s feedback identifier."}}}}, "created": "2026-04-03T07:31:29.294620+00:00", "updated": "2026-04-03T09:16:25.192828+00:00", "vendors": ["erudika", "erudika$PRODUCT$scoold"]}