Each Teacher Receives 35% of Bursary Instead of Sharing It
Summary
According to the documentation, teachers are collectively entitled to 35% of the bursary. However, the current implementation allocates 35% of the bursary to each teacher individually, leading to an overpayment when multiple teachers exist.
Vulnerability Details
The current wage calculation for teachers is as follows:
This formula allocates 35% of the total bursary to each teacher, rather than splitting 35% among all teachers. However, as per the documentation:
“Teachers will share in 35% of all school fees paid as their wages.”
This implies that 35% of the bursary should be distributed among all teachers, not given in full to each
Impact
If there is more than one teacher, the system will overpay the total teacher wages—potentially distributing more than 100% of the bursary. This breaks the intended accounting model and could drain school funds.
Tools Used
Manual code review.
Recommendations
Update the payPerTeacher calculation to divide the 35% wage pool equally among all teachers:
This ensures that the total teacher payout does not exceed 35% of the bursary.
Lead Judging Commences
incorrect teacher pay calculation
`payPerTeacher` in `graduateAndUpgrade()` is incorrectly calculated.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.