exploitDog

GHSA-cjhc-275v-r97h

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to access non-purchased course contents (quiz / test) via a modified id parameter.

Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to access non-purchased course contents (quiz / test) via a modified id parameter.

Ссылки

EPSS

Процентиль: 34%

0.00138

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2018-16971

CVSS3: 4.3

nvd

больше 7 лет назад

Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to access non-purchased course contents (quiz / test) via a modified id parameter.

EPSS

Процентиль: 34%

0.00138

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639