NEW DELHI: Fresh allegations of massive cybersecurity lapses, data exposure and administrative failures have deepened the controversy surrounding CBSE’s On Screen Marking (OSM) system, with activists now approaching National Human Rights Commission (NHRC) for urgent intervention to protect students’ educational rights, amid continuing disrupti-ons in the board’s post-exam processes.The latest row erupted after independent developers and ethical hackers publicly claimed that sensitive stud-ent data, scanned answer sheets and question papers linked to CBSE’s digital evaluation infrastructure were exposed online because of serious security vulnerabilities. Android developer Sidharth posted on X: “Almost every single OnMark portal built by EduTek is fundamentally insecure, and CBSE is lying to you about the safety of student data. We found default passwords, URL-based RCEs, and raw MD5 hashes. Millions of students are at risk.”Separately, 19-year-old software engineer Nisarga Adhikary alleged on X that CBSE-linked storage systems had been left openly accessible online. “CBSE people didn’t configure their AWS bucket (a public cloud storage container) properly and now we can paginate & enumerate all their media which has 2026 answer sheets & question papers,” he said, claiming “anyone on the internet can download any scanned booklet”.Earlier, Adhikary had claimed that he had breached parts of CBSE’s digital eval-uation infrastructure and flagged alleged security vulnerabilities linked to the OnMark portal.However, CBSE on Sunday said vulnerabilities detected in the portal operated by its service provider had been “contained”.
