A vulnerability has been identified in OUSL-GROUP-BrinaryBrains School Student Management System affecting the sign_auth_cookie function in Login.php. The vulnerability allows manipulation of the role argument leading to improper authentication bypass. The attack can be launched remotely and exploits have been made publicly available. The vulnerability affects the MY_Controller component and has not received a response from the project maintainers despite early notification. The product uses rolling releases making version tracking unavailable.