exploitDog

GHSA-j8rr-p259-7wpm

Опубликовано: 25 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers.

Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers.

Ссылки

EPSS

Процентиль: 57%

0.00357

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-287

CWE-306

Связанные уязвимости

CVE-2023-27259

CVSS3: 7.5

nvd

больше 2 лет назад

Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers.

EPSS

Процентиль: 57%

0.00357

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-287

CWE-306