New Delhi: The CBSE's On Screen Marking (OSM) for Class 12 Boards continues to run into controversy, with ethical hacker Nisarga Adhikary alleging on Sunday that answer sheets stored by the Board had serious gaps that allowed unauthenticated public access to these documents. Student Sidhant Sarthak also raised questions on scanning capability at CBSE even as the Board said on Sunday that it had 'contained' identified gaps and was ruling out any other 'exploitable weaknesses' as well.The fresh allegations come a day before the CBSE opens its answer sheet verification/re-evaluation portal to students on June 1. Over 4 lakh students have applied for the same."CBSE people didn't configure their AWS bucket properly, and now we can paginate and enumerate all their media which has 2026 answer sheets and question papers. ListObjectsV2 works without any auth and the bucket root is listable too, anyone on the internet can download any scanned booklet, across institutions. Multiple institutions are using the same bucket, insanely insecure," 19-year-old Adhikary said on X.Class 12 student Sidhant Sarthak, who earlier questioned CBSE's tender process, further raised doubts on Sunday about scanning of answer sheets, asking how copies of answer sheets had a 'drop shadow' and '3 folds' if they were scanned properly.The Board, on its part - without giving much detail on the above allegations - said that an expert team has ensured that 'identified vulnerabilities have been contained' and other exploitable weaknesses are also being ruled out."We have been closely monitoring the vulnerabilities in the OnMark portal of our service provider that are being flagged in the public domain. An expert team of cybersecurity professionals has been deployed over the last few days from across various arms of the government as well as the IITs to fortify these systems, including taking them over to a more secure set-up. The identified vulnerabilities have been contained, and other exploitable weaknesses are being ruled out. We are grateful to all alert citizens and ethical hackers pointing out such weaknesses, and have gotten in touch with some of them directly...", CBSE said on X.Meanwhile, the Congress party targeted the CBSE over the above allegations, with Jairam Ramesh terming it a 'massive data leak' that has put the privacy of 20 lakh students at risk. "The leaked answer booklets show signs of paper folding and shadows - marks typically associated with scans done using mobile phones rather than scanning machines", Ramesh added, raising questions over COEMPT's competence and poor scanning quality.CBSE's OSM - introduced only this year - has been besieged by controversies from the start, with the overall Class 12 pass percentage dropping by 3 points under the new mechanism.While answer sheets of over 17 lakh Class 12 students were assessed under OSM, in about 68,000 cases scanning quality was found patchy. Of these, 13,000 were found not legible and several had to be re-scanned and re-evaluated manually. There are also over 20 cases where answer sheets have been mixed up, triggering serious concerns around OSM readiness.The CBSE verification/re-evaluation application portal has also been besieged by several glitches, from login errors and server outages to even 'manipulation' of its payment gateway system.Education Ministry and CBSE officials have, however, maintained that due procedure was followed in awarding the OSM contract to Coempt over TCS. Education Minister Pradhan admitted there were 'certain discrepancies' in the CBSE portal system and ensured that a team of IIT Kanpur and IIT Madras experts has now been deployed to address all glitches and gaps in the CBSE portal system, which will go live on Monday for re-evaluation/verification.