CVE-2018-16970
4.3MEDIUMWisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
Опубликовано: 9/12/2018Обновлено: 11/21/2024
Описание
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
ИИ-АнализНа базе ИИ
Затронутые продукты
wisetaillearning_management_system
Ссылки
- https://blog.ziaurrashid.com/wisetail-learning-ecosystem-multiple-idor-vunlerability/ExploitThird Party Advisory
- https://blog.ziaurrashid.com/wisetail-learning-ecosystem-multiple-idor-vunlerability/ExploitThird Party Advisory