CVE-2025-60306
Simple Car Rental System Session Forgery Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A permission bypass vulnerability in the Simple Car Rental System allows low-privilege users to forge high-privilege sessions and perform sensitive operations. This could lead to unauthorized access and significant actions within the system if it is deployed and reachable. Confirming the system's presence and exposure