search

TechNodes2-0 / ElectiveHub

ElectiveHub is an Education Management System designed to simplify and enhance the management of student information and elective subject selection in educational institutions. It offers a suite of applications for students, teachers, and administrators, providing a user-friendly platform.
https://electivehub.onrender.com
MIT License
75 stars 115 forks source link

Admin excess to everyone #252

Closed KaranPatelDev closed 5 months ago

KaranPatelDev commented 6 months ago

Description

Description: The user, who is not an administrator, is able to access other users’ account details. This is a critical security issue as it breaches privacy and confidentiality norms.

Steps to Reproduce: Log in to the system as a non-admin user. Attempt to access account details of another user. Expected Result: The non-admin user should not be able to access other users’ account details. An error message should be displayed, or the user should be redirected to their own account page.

Actual Result: The non-admin user is able to access other users’ account details.

Additional Notes: This issue needs immediate attention as it is a severe breach of privacy and can lead to misuse of sensitive information.

Screenshots

Screenshot_29-5-2024_173616_electivehub onrender com Screenshot_29-5-2024_173533_electivehub onrender com

Additional information

No response

What browser are you seeing the problem on?

No response

Checklist

github-actions[bot] commented 6 months ago

Hi there! Thanks for opening this issue. We appreciate your contribution to this open-source project. We aim to respond or assign your issue as soon as possible.

Yash636261 commented 5 months ago

issue is already there.