An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.