CVE-2018-16970
4.3MEDIUMWisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
Veröffentlicht: 9/12/2018Aktualisiert: 11/21/2024
Beschreibung
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
KI-AnalyseKI-gestützt
Betroffene Produkte
wisetaillearning_management_system
Referenzen
- https://blog.ziaurrashid.com/wisetail-learning-ecosystem-multiple-idor-vunlerability/ExploitThird Party Advisory
- https://blog.ziaurrashid.com/wisetail-learning-ecosystem-multiple-idor-vunlerability/ExploitThird Party Advisory