New Delhi: The Centre's cyber security agency CERT-In (Indian Computer Emergency Response Team) flagged vulnerabilities in CBSE's online evaluation system - once in February and thrice in May - and found one of its portals "not fit" for deployment in a production environment after a security audit, a parliamentary panel was informed.In a note to the Parliamentary Standing Committee on Education, chaired by Congress leader Digvijaya Singh, the IT ministry said CBSE uses the OnMark portal, developed by vendor COEMPT, for on-screen marking (OSM) of Class 12 answer sheets. The system hosts 10 CBSE-related domains on infrastructure supported by Amazon Web Services (AWS) India.Also Read: Lokhande Prashant Sitaram appointed as new CBSE chief amid OSM controversyVulnerabilities across three domains were reported by users during this period. CERT-In verified the flaws, alerted CBSE and AWS, and sought remedial action. While AWS said the vulnerabilities were fixed, CBSE maintained some issues related to the test environment and that corrective steps were underway.As part of its mandate under the IT Act, the agency analysed reported vulnerabilities and shared alerts with concerned entities. It also carried out an emergency security assessment of one CBSE portal, concluding it was unsuitable for production use, the panel was told.Separately, an education ministry note flagged quality concerns in the evaluation process, noting that the scanning of 13,583 answer sheets reviewed around May 9 was unsatisfactory, raising readability and assessment issues. In such cases, evaluation was done manually after obtaining comments, with results uploaded later.Also Read: CBSE Chairman transferred amid OSM controversy: All about IAS officer Rahul SinghDuring the meeting on CBSE's OSM rollout, a 17-year-old student from Jharkhand, Sarthak Sidhant, made a presentation before the panel in the presence of CBSE chairman and school education secretary, flagging alleged irregularities in tender clauses which could have favoured a particular vendor.CBSE, in its response, said portal glitches have been rectified, and students have time till June 6 to apply for re-evaluation. Sources said some members informally praised the student's grasp of the issue, with suggestions that the education ministry could tap his expertise. The panel also discussed the three-language formula for Classes 9 and 10.