Описание
OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users.
Ссылки
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.2 (включая)
cpe:2.3:a:os4ed:opensis:*:*:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00036
Низкий
8.1 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-284
Связанные уязвимости
CVSS3: 8.1
github
2 месяца назад
OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users.
EPSS
Процентиль: 11%
0.00036
Низкий
8.1 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-284