Was CBSE’s OSM portal hacked? Here’s what the claims of a 19-year-old reveal


Quick overview – click for full details

Concise summary of key points

In one line

A 19-year-old cyber security researcher claims to have hacked CBSE’s OSM portal, but the board denies any breach has taken place.

Key points

Hacker claims

A 19-year-old cyber security enthusiast, Nisarga, claimed to have exploited multiple vulnerabilities in CBSE’s OSM portal in February 2024, including encrypted passwords and weak authentication, and reported them to CERT-In.

CBSE disclaimer

CBSE denied any compromise of its current assessment portal, stating that the referred URL was a test page with sample data and no live information.

Weaknesses of the portal

The alleged issues included client-side OTP authentication, weak path protection, password reset errors, and insecure direct object reference (IDOR) vulnerabilities that allow user impersonation.

Government intervention

The Union Education Ministry has deputed experts from IIT Madras and IIT Kanpur to audit the technical infrastructure of the OSM system.

Processed with AI. Reviewed by DH Digital Team.

Published May 27, 2026, 06:30 IS





Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending now

Five lesser-known museums to visit in Berlin
Decades after Selma violence spurred Voting Rights Act, organizers worry about its fate
News in pictures | March 9, 2026: The best photos from around the world
Greens beat Merz’s CDU in Germany’s key regional elections: exit poll