Summary

Teachers are allowed to give up to 5 reviews instead of the implied limit of 4 (given each student is supposed to have 1 review per week with each school session lasting only 4 weeks).

Vulnerability Details

The line require(reviewCount[_student] < 5, "Student review count exceeded!!!"); allows for up to 5 reviews to be submitted since it will only revert once 5 reviews have already been given by the teacher.

Impact

This would allow for a 5th review to be added by a teacher since on the 4th review, the function is allowed to be successfully called. The potential for this is the ability to alter a students grade with an additional review, which could in turn change their grade from passing to failing and not allowing them to graduate and vice versa.

The ability for this issue to occur is also dependent on if the function does not have a revert for if the school session has already ended (as of right now, there is no revert for this so that would be a separate bug).

Tools Used

Manual review and Foundry

Recommendations

Change the logic to require(reviewCount[_student] < 4, "Student review count exceeded!!!");

Alternatively, if a revert for the session being ended is included, this should hypothetically allow for only 4 reviews to be completed since each session will only be 4 weeks with 1 review allowed per week, but changing this logic will explicitly prevent it as well.