CVE-2018-16970
4.3MEDIUMWisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
Published: 9/12/2018Updated: 11/21/2024
Description
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
AI AnalysisPowered by AI
Affected Products
wisetaillearning_management_system
References
- https://blog.ziaurrashid.com/wisetail-learning-ecosystem-multiple-idor-vunlerability/ExploitThird Party Advisory
- https://blog.ziaurrashid.com/wisetail-learning-ecosystem-multiple-idor-vunlerability/ExploitThird Party Advisory