Описание
Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission.
Ссылки
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:tecnick:tcexam:14.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00144
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission.
EPSS
Процентиль: 35%
0.00144
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-639