Amid mounting complaints over glitches in the Central Board of Secondary Education (CBSE) on-screen marking (OSM) portal, the board is facing fresh scrutiny after a 19-year-old cybersecurity researcher claimed to have uncovered “vulnerabilities” in the digital evaluation system. The CBSE, however, denied any breach, asserting that the evaluation platform remained secure.The controversy has also drawn the attention of the parliamentary panel on education, which has summoned officials from the Union Education Ministry and the CBSE for a June 2 meeting to review issues linked to the OSM system in Class XII board examinations and the implementation of the three-language formula in Classes IX and X.Nisarga Adhikary, a 19-year-old cybersecurity researcher, alleged that flaws in the OSM portal could have enabled hackers to access examiner accounts, bypass authentication protocols and alter students’ marks. In a blog post, Adhikary claimed he was able to log into the system as an examiner without completing the OTP verification process and access the evaluation dashboard.“I opened the OSM portal and started examining the HTTP requests and backend structure. The login page appeared routine, asking for a user ID, school code and password followed by OTP verification. The vulnerabilities became evident only after analysing the code behind the portal,” he wrote.The concerns surfaced after CBSE declared Class XII results on May 13, with the pass rate dropping to 85.20 per cent from 88.39 per cent last year. Soon after, students applying for revaluation reported fluctuating fees, website crashes and alleged mixing of answer sheets of different subjects.Responding to the allegations, the CBSE clarified that the URL referenced in social media posts, cbse.onmarks.co.in, was only a testing portal containing sample data meant for internal review purposes.“There are no actual evaluation records, marks or sensitive data on the testing portal. No security breach has been detected in the portal used for live evaluation work,” the board said in a statement.CBSE maintained that the OSM system had been introduced to enhance transparency in assessments and said adequate safeguards and grievance redressal mechanisms had been built into the platform.“The board emphasises that no security breaches have come to light on the portal deployed for the actual evaluation work. The system has been implemented for enhanced transparency in assessments with strong grievance redressal mechanisms built into it and would reassure all concerned about the safeguards implemented to ensure the integrity of the platform,” the statement added.Meanwhile, the Indian Institute of Technology, Kanpur, and Indian Institute of Technology, Madras, have formed a four-member expert committee to assist CBSE in resolving technical glitches. The panel will conduct a technical audit of the portal to identify the reasons behind the disruptions.Union Education Minister Dharmendra Pradhan on Tuesday also held discussions with senior officials of State Bank of India, Bank of Baroda, Canara Bank and Indian Bank regarding an overhaul of the CBSE payment gateway system. He directed the banks to support the board in establishing stronger payment protocols.Congress leader Digvijaya Singh, who heads the parliamentary committee on education, questioned the design and implementation of the OSM system.“Clearly, there has been some lapse somewhere within the CBSE. Questions are being raised about who designed the OSM system, who the vendor is and what their experience has been. The Parliamentary Standing Committee on the Ministry of Education has called a meeting to seek detailed information from the CBSE,” Singh said.