Описание
A bypass exists for Desire2Learn/D2L Brightspace’s “Disable Right Click” option in the quizzing feature, which allows a quiz-taker to access print and copy functionality via the browser’s right click menu even when “Disable Right Click” is enabled on the quiz.
Ссылки
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:d2l:brightspace:20.21.7:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.0485
Низкий
6.5 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
CVSS3: 6.5
github
почти 4 года назад
An Access Control vulnerability exists in Desire2Learn/D2L Learning Management System (LMS) 20.21.7 via the quizzing feature, which allows a remote malicious user to disable the Disable right click control.
EPSS
Процентиль: 89%
0.0485
Низкий
6.5 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
NVD-CWE-Other