{
  "entrypoint_kind": "endpoint",
  "entrypoint_detail": "POST /egroupware/json.php?menuaction=EGroupware\\SmallParT\\Overlay::ajax_write (JSON body) over nginx->php-fpm; isParticipant()/isTeacher() authz bypass via request-supplied participants[] array in course_id",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "mariadb:11.8",
    "egroupware/egroupware:26.2.20260216 (vulnerable) + 26.2.20260224 (fixed)",
    "nginx:stable-alpine",
    "EGroupware smallpart app (Overlay::ajax_write \u2192 Overlay::aclCheck \u2192 Bo::isParticipant/isTeacher)"
  ],
  "proof_artifacts": [
    "logs/vuln_variant_reproduction.log",
    "logs/vuln_overlay_write_control.json",
    "logs/vuln_overlay_write_bypass.json",
    "logs/fixed_overlay_write_control.json",
    "logs/fixed_overlay_write_bypass.json",
    "logs/vuln_variant_summary.txt",
    "logs/fixed_variant_summary.txt"
  ],
  "notes": "vuln_authz_bypass=1 fixed_authz_bypass=1 fixed_ctrl_denied=1 fixed_past_acl=1"
}