CVE-2023-49339
6.5MEDIUMEllucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.
Published: 2/13/2024Updated: 5/7/2025
Description
Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.
AI AnalysisPowered by AI
Affected Products
ellucianbanner
References
- https://github.com/3zizme/CVE-2023-49339/ExploitThird Party Advisory
- https://www.ellucian.com/solutions/ellucian-bannerProduct
- https://github.com/3zizme/CVE-2023-49339/ExploitThird Party Advisory
- https://www.ellucian.com/solutions/ellucian-bannerProduct