exploitDog

GHSA-m635-gpvm-5hcf

Опубликовано: 08 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID.

Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID.

Ссылки

EPSS

Процентиль: 34%

0.0014

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2023-34958

CVSS3: 4.3

nvd

больше 2 лет назад

Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID.

EPSS

Процентиль: 34%

0.0014

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-863