The Central Board of Secondary Education (CBSE) has issued a clarification following cybersecurity concerns raised by a 19-year-old student and ethical hacker regarding the security of the board’s On-Screen Marking (OSM) system. The controversy emerged after the student claimed he was able to bypass parts of the CBSE OSM portal’s login and access-control mechanisms, raising questions over the security and transparency of the digital evaluation system introduced for Class 12 examinations this year.
The student, Nisarga Adhikary, alleged through a series of posts on the social media platform X and a detailed blog article that he had identified vulnerabilities in the portal associated with CBSE’s digital answer evaluation system. According to his claims, the issues had been privately reported months earlier to the Indian Computer Emergency Response Team, commonly known as CERT-In.
The allegations quickly gained attention online, with cybersecurity experts, educators, parents, and students debating concerns related to the security of examination data and the reliability of the recently introduced digital evaluation framework. CBSE had implemented the On-Screen Marking system for the first time this year for evaluating Class 12 answer sheets.
Responding to the claims, CBSE clarified through an official statement on X that the website referred to in the allegations — cbse.onmark.co.in — was only an internal testing platform containing sample data used for review and demonstration purposes. According to the board, the portal did not contain any actual student evaluation records, marks, or sensitive examination data.
The board further stated that no security breach had been identified in the portal used for actual evaluation work. CBSE maintained that the operational evaluation system remained secure and unaffected by the vulnerabilities highlighted online.
However, the clarification did not end the controversy. Adhikary publicly disputed the board’s statement and claimed that he possessed screen recordings and evidence indicating that production user credentials could access the system. He also stated that CERT-In had acknowledged the reported vulnerabilities during prior communications.
The student further alleged that multiple domains linked to the OnMark infrastructure, including cbse1.onmark.co.in, cbse2.onmark.co.in, cbse3.onmark.co.in, and cbse4.onmark.co.in, displayed similar security weaknesses. His statements intensified discussions regarding cybersecurity practices in large-scale national examination systems.
The developments come at a time when CBSE is already facing criticism over issues linked to the re-evaluation and answer-sheet access process for Class 12 board examinations. According to the board, over 4,04,319 applications have been received from students requesting scanned copies of evaluated answer scripts. More than 11.31 lakh answer books have been sought by students, out of which approximately 8,98,214 answer books have already been provided. CBSE stated that the remaining pending requests are expected to be cleared by May 27.
Simultaneously, the board has also been dealing with complaints regarding alleged mismatches in uploaded answer sheets. A Class 12 student named Vedant had earlier claimed on social media that the handwriting visible in the scanned Physics answer sheet uploaded under his roll number did not match his own handwriting. Several other students also raised similar concerns after accessing photocopies of their answer scripts through the revaluation portal.
Following these complaints, CBSE acknowledged that mismatches had occurred in certain cases and assured affected students that the correct answer sheets would be sent to their registered email addresses. The board also stated that necessary corrections in the results would be undertaken wherever applicable.
Amid the ongoing concerns related to technical glitches and transparency in the re-evaluation process, Dharmendra Pradhan had earlier announced that technical experts from the Indian Institute of Technology Madras and the Indian Institute of Technology Kanpur would assist CBSE in strengthening and improving the infrastructure of the OSM re-evaluation portal.
The ongoing developments have intensified discussions around the security, reliability, and transparency of digital evaluation systems being increasingly adopted in national-level examinations across the country.