← voltar
CVE-2023-38884

CVE-2023-38884

EPSS 0.9%
An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/<studentId>-<filename>'
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38884https://github.com/OS4ED/openSIS-Classichttps://www.os4ed.com/