A 19-year-old student claimed he managed to play the viral Bad Apple song on a CBSE portal, while demonstrating what he described as serious security flaws. "We were able to get full create, read, update and delete (CRUD) access...and shell access to CBSE's prod servers. This is disastrous," he wrote. The student previously said he reported multiple vulnerabilities to authorities.