A vulnerability classified as critical was found in Casdoor up to 1.811.0. This vulnerability affects the function HandleScim of the file controllers/scim.go of the component SCIM User Creation Endpoint. The manipulation leads to authorization bypass.

This vulnerability was named CVE-2025-4210. The attack can be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.